9c7b9239c5
This patch refers deployers to more documentation and provides recommendations for more specific firewall rules. Implements: blueprint security-rhel7-stig Change-Id: Ie6601b3038256e067e2307fd86ae9d6812c07783
15 lines
427 B
ReStructuredText
15 lines
427 B
ReStructuredText
---
|
|
id: RHEL-07-040820
|
|
status: exception - manual intervention
|
|
tag: misc
|
|
---
|
|
|
|
The ``firewalld`` service is optionally enabled and configured in the tasks for
|
|
another STIG control:
|
|
|
|
* :ref:`stig-RHEL-07-040290`
|
|
|
|
Deployers should review their ``firewalld`` ruleset regularly to ensure that
|
|
each firewall rule is specific as possible. Each rule should allow the smallest
|
|
number of hosts to access the smallest number of services.
|