The router must enforce information flow control based on organization-defined metadata.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-278999 | SRG-NET-000280 | SRG-NET-000280-RTR-000001 | SV-278999r1137945_rule | 2025-09-10 | 5 |
Description
Enforcing allowed information flows based on metadata enables simpler and more effective flow control. Metadata is information used to describe the characteristics of data. Metadata can include structural metadata describing data structures (e.g., data format, syntax, and semantics) or descriptive metadata describing data contents (e.g., age, location, telephone number).
This requirement also applies to Zero Trust initiatives.
ℹ️ Check
Verify the router is configured to enforce information flow control based on organization-defined metadata.
If the router does not enforce information flow control based on organization-defined metadata, this is a finding.
✔️ Fix
Configure the router to enforce information flow control based on organization-defined metadata.