STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Application Layer Gateway Security Requirements Guide

V-204971

CAT II (Medium)

The ALG that is part of a CDS must block the transfer of data with malformed security attribute metadata structures.

Rule ID

SV-204971r1137553_rule

STIG

Application Layer Gateway Security Requirements Guide

Version

V2R3

CCIs

CCI-000030, CCI-000366

Discussion

Enforcing allowed information flows based on metadata enables simpler and more effective flow control. Metadata is information used to describe the characteristics of data. Metadata can include structural metadata describing data structures (e.g., data format, syntax, and semantics) or descriptive metadata describing data contents (e.g., age, location, telephone number). For cross domain solutions, security attributes are defined as, at a minimum, source and destination address. This requirement also applies to Zero Trust initiatives.

Check Content

If the ALG is not part of a CDS, this is not applicable.

Verify the ALG is configured to block the transfer of data with malformed security attribute metadata structures.

If the ALG is not configured to block the transfer of data with malformed security attribute metadata structures, this is a finding.

Fix Text

If the ALG is part of a CDS, configure the ALG to block the transfer of data with malformed security attribute metadata structures.