CSCv6|11.2

Title

All new configuration rules should be documented and recorded in a configuration management system.

Description

All new configuration rules beyond a baseline-hardened configuration that allow traffic to flow through network security devices, such as firewalls and network-based IPS, should be documented and recorded in a configuration management system, with a specific business reason for each change, a specific individual's name responsible for that business need, and an expected duration of the need.

Reference Item Details

Category: Secure Configurations for Network Devices

Family: Network