STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated just now
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Router Security Requirements Guide

V-279004

CAT II (Medium)

When transferring information between different security domains, the router must apply the same security policy filtering to metadata as it applies to data payloads.

Rule ID

SV-279004r1137960_rule

STIG

Router Security Requirements Guide

Version

V5R2

CCIs

CCI-002211CCI-000366

Discussion

Subjecting metadata to the same filtering and inspection policies as payload data avoids the potential for data compromise through covert channels and the bypass of security policy filtering. This requirement applies to routers that transfer information between different security domains (e.g., cross-domain solutions). This requirement also applies to Zero Trust initiatives.

Check Content

The router must apply the same security policy filtering to metadata as it applies to data payloads. Verify the router is configured to meet the requirements.

If the router does not meet the requirement, this is a finding.

Fix Text

Configure the router to meet the requirement.