← Back to Multifunction Device and Network Printers Security Technical Implemetation Guide

V-6779

CAT II (Medium)

A firewall or router rule must block all ingress and egress traffic from the enclave perimeter to the MFD or Network Printer.

Rule ID

SV-7001r2_rule

STIG

Multifunction Device and Network Printers Security Technical Implemetation Guide

Version

V2R15

CCIs

None

Discussion

Access to the MFD or printer from outside the enclave network could lead to a denial of service caused by a large number of large print files being sent to the device. Ability for the MFD or printer to access addresses outside the enclave network could lead to a compromise of sensitive data caused by forwarding a print file to a location outside of the enclave network. This also prevents accidental implementation of a “call-home” feature that is not allowed.

Check Content

The reviewer will verify that a firewall or router rule blocks all ingress and egress traffic from the enclave perimeter to the MFD or Network Printer.<br /><br />If a firewall or router does not block all ingress and egress traffic from the enclave perimeter to the MFD or Network Printer, this is a finding.

Fix Text

Configure a firewall or router rule to block all ingress and egress traffic from the enclave perimeter to the MFD or Network Printer.