STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Juniper SRX SG NDM Security Technical Implementation Guide

V-66605

CAT I (High)

For nonlocal maintenance sessions, the Juniper SRX Services Gateway must explicitly deny the use of J-Web.

Rule ID

SV-81095r1_rule

STIG

Juniper SRX SG NDM Security Technical Implementation Guide

Version

V1R3

CCIs

CCI-000382

Discussion

If unsecured functions (lacking FIPS-validated cryptographic mechanisms) are used for management sessions, the contents of those sessions are susceptible to manipulation, potentially allowing alteration and hijacking. J-Web (configured using the system services web-management option) does not meet the DoD requirement for management tools. It also does not work with all Juniper SRX hardware. By default, the web interface is disabled; however, it is easily enabled.

Check Content

Verify web-management is not enabled.

[edit]
show system services web-management

If a stanza exists that configures web-management service options, this is a finding.

Fix Text

Remove the web-management service.

[edit]
delete system services web-management