STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 5 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Juniper SRX Services Gateway NDM Security Technical Implementation Guide

V-223180

CAT III (Low)

The Juniper SRX Services Gateway must limit the number of concurrent sessions to a maximum of 10 or less for remote access using SSH.

Rule ID

SV-223180r960735_rule

STIG

Juniper SRX Services Gateway NDM Security Technical Implementation Guide

Version

V3R3

CCIs

CCI-000054

Discussion

The connection-limit command limits the total number of concurrent SSH sessions. To help thwart brute force authentication attacks, the connection limit should be as restrictive as operationally practical Juniper Networks recommends the best practice of setting 10 (or less) for the connection-limit. This configuration will permit up to 10 users to log in to the device simultaneously, but an attempt to log an 11th user into the device will fail. The attempt will remain in a waiting state until a session is terminated and made available.

Check Content

Verify the Juniper SRX sets a connection-limit for the SSH protocol.

Show system services ssh

If the SSH connection-limit is not set to 10 or less, this is a finding.

Fix Text

Configure the SSH protocol to limit connection and sessions per connection.

[edit]
set system services ssh connection-limit 10
set system services ssh max-sessions-per-connection 1