The ALG must detect network services that have not been authorized or approved by the organization-defined authorization or approval processes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000384-ALG-000136 | SRG-NET-000384-ALG-000136 | SRG-NET-000384-ALG-000136_rule | Medium |
| Description |
|---|
| Unauthorized or unapproved network services lack organizational verification or validation and therefore, may be unreliable or serve as malicious rogues for valid services. This requirement applies to gateways/firewalls that perform content inspection or have higher-layer proxy functionality. |
| STIG | Date |
|---|---|
| Application Layer Gateway Security Requirements Guide | 2014-06-27 |
Details
| Check Text ( C-SRG-NET-000384-ALG-000136_chk ) |
|---|
| Verify the ALG detects network services that have not been authorized or approved by the organization-defined authorization or approval processes. If the ALG does not detect network services that have not been authorized or approved by the organization-defined authorization or approval processes, this is a finding. |
| Fix Text (F-SRG-NET-000384-ALG-000136_fix) |
|---|
| Configure the ALG to detect network services that have not been authorized or approved by the organization-defined authorization or approval processes. |