From Router Security Requirements Guide
Part of SRG-NET-000019-RTR-000009
Associated with: CCI-001414
The perimeter router will not use a routing protocol to advertise NIPRNet addresses to alternate gateways. Most ISPs use BGP to share route information with other autonomous systems, that is, any network under a different administrative control and policy than a local site. If BGP is configured on the perimeter router, no BGP neighbors will be defined to peer routers from an autonomous system (AS) belonging to any alternate gateway. The only allowable method is a static route to reach the alternate gateway.
This requirement is not applicable for the DoDIN Backbone. Review the configuration of the router connecting to the alternate gateway. Verify there are no BGP neighbors configured to the remote AS that belongs to the alternate gateway service provider. If there are BGP neighbors connecting the remote AS of the alternate gateway service provider, this is a finding.
This requirement is not applicable for the DoDIN Backbone. Configure a static route on the perimeter router to reach the AS of a router connecting to an alternate gateway.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer