STIGQter STIGQter: STIG Summary: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide Version: 2 Release: 6 Benchmark Date: 24 Jul 2020:

The IDPS must restrict or block harmful or suspicious communications traffic between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.

DISA Rule

SV-45262r2_rule

Vulnerability Number

V-34485

Group Title

SRG-NET-000019-IDPS-00019

Rule Version

SRG-NET-000019-IDPS-00019

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the IDPS to enforce approved authorizations by restricting or blocking the flow of harmful or suspicious communications traffic for controlling the flow of information between interconnected networks as defined in the PPSM CAL and vulnerability assessments.

Check Contents

Verify the IDPS enforces approved authorizations by restricting or blocking the flow of harmful or suspicious communications traffic for controlling the flow of information between interconnected networks as defined in the PPSM CAL and vulnerability assessments.

If the IDPS does not enforce approved authorizations by restricting or blocking the flow of harmful or suspicious communications traffic for controlling the flow of information between interconnected networks as defined in the PPSM CAL and vulnerability assessments, this is a finding.

Vulnerability Number

V-34485

Documentable

False

Rule Version

SRG-NET-000019-IDPS-00019

Severity Override Guidance

Verify the IDPS enforces approved authorizations by restricting or blocking the flow of harmful or suspicious communications traffic for controlling the flow of information between interconnected networks as defined in the PPSM CAL and vulnerability assessments.

If the IDPS does not enforce approved authorizations by restricting or blocking the flow of harmful or suspicious communications traffic for controlling the flow of information between interconnected networks as defined in the PPSM CAL and vulnerability assessments, this is a finding.

Check Content Reference

M

Target Key

2358

Comments