STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Router Security Requirements Guide

V-207105

CAT III (Low)

The MSDP router must be configured to limit the amount of source-active messages it accepts on per-peer basis.

Rule ID

SV-207105r1137903_rule

STIG

Router Security Requirements Guide

Version

V5R2

CCIs

CCI-001368

Discussion

To reduce any risk of a denial-of-service (DoS) attack from a rogue or misconfigured MSDP router, the router must be configured to limit the number of source-active messages it accepts from each peer. This requirement also applies to Zero Trust initiatives.

Check Content

Review the router configuration to determine if it is configured to limit the amount of source-active messages it accepts on a per-peer basis.

If the router is not configured to limit the source-active messages it accepts, this is a finding.

Fix Text

Configure the MSDP router to limit the amount of source-active messages it accepts from each peer.