Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The ALG must be configured to integrate with a system-wide intrusion detection system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000383-ALG-000135 | SRG-NET-000383-ALG-000135 | SRG-NET-000383-ALG-000135_rule | Medium |
| Description |
|---|
| Without coordinated reporting between separate devices, it is not possible to identify the true scale and possible target of an attack. Integration of the ALG with a system-wide intrusion detection system supports continuous monitoring and incident response programs. This requirement applies to monitoring at internal boundaries using SSL gateways, web content filters, email gateways, and other types of ALGs. ALGs can work as part of the network monitoring capabilities to off-load inspection functions from the external boundary IDPS by performing more granular content inspection of protocols at the upper layers of the OSI reference model. |
| STIG | Date |
|---|---|
| Application Layer Gateway Security Requirements Guide | 2014-06-27 |
Details
| Check Text ( C-SRG-NET-000383-ALG-000135_chk ) |
|---|
| Verify the ALG integrates with a system-wide intrusion detection system. If the ALG does not integrate with a system-wide intrusion detection system, this is a finding. |
| Fix Text (F-SRG-NET-000383-ALG-000135_fix) |
|---|
| Configure the ALG to integrate with a system-wide intrusion detection system. |