STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM zVM Using CA VM:Secure Security Technical Implementation Guide

V-237966

CAT II (Medium)

IBM z/VM must be protected by an external firewall that has a deny-all, allow-by-exception policy.

Rule ID

SV-237966r649738_rule

STIG

IBM zVM Using CA VM:Secure Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-000366

Discussion

Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Firewalls provide monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communications.

Check Content

Ask the system administrator for a network system plan.

If there is no firewall defined for the IBM z/VM system, this is a finding.

If the firewall does not have a deny-all, allow-by-exception policy, this is a finding.

Fix Text

Ensure that the network has a firewall installed that provides a deny-all, allow-by-exception protection for the IBM z/VM system.