Encrypt Level 3 information if not locally secure Encrypt Level 3 information if not assured of a locally secure location.
Configure firewall for allowed administration The firewall must be configured to only permit administrative access from the specific systems used by the administrators for the specific service.
Configure firewall to permit required traffic The firewall must be configured to only permit inbound traffic that is required for the proper operation of the server.
Implement firewall between server and network There must be a firewall between the server and any network which includes user computers. This can be a host-based firewall.
Force re-authentication with locking screensaver Force re-authentication with a locking screen saver on client machine.
Block excessive logins Block user from logging in for a period of time after no more than 10 successive invalid login attempts.
Permit only competent operation of servers It is important that anyone who performs administrative responsibilities on these systems have sufficient technical knowledge, via experience and/or training, to be able to implement these requirements and recognize when they need to seek help.