STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015:

The ALG providing content filtering must be configured to integrate with a system-wide intrusion detection system.

DISA Rule

SV-68911r1_rule

Vulnerability Number

V-54665

Group Title

SRG-NET-000383-ALG-000135

Rule Version

SRG-NET-000383-ALG-000135

Severity

CAT II

CCI(s)

• CCI-002656 - The organization configures individual intrusion detection tools into an information system-wide intrusion detection system.

Weight

10

Fix Recommendation

If the ALG performs content filtering as part of the traffic management functionality, configure the ALG to integrate with a system-wide intrusion detection system.

Check Contents

If the ALG does not perform content filtering as part of the traffic management functions, this is not applicable.

Verify the ALG integrates with a system-wide intrusion detection system.

If the ALG does not integrate with a system-wide intrusion detection system, this is a finding.

Vulnerability Number

V-54665

Documentable

False

Rule Version

SRG-NET-000383-ALG-000135

Severity Override Guidance

If the ALG does not perform content filtering as part of the traffic management functions, this is not applicable.

Verify the ALG integrates with a system-wide intrusion detection system.

If the ALG does not integrate with a system-wide intrusion detection system, this is a finding.

Check Content Reference

M

Target Key

2489

Comments