Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The ALG must alert the IAO, IAM, and other individuals designated by the local organization when unauthorized network services are detected.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000385-ALG-000138 | SRG-NET-000385-ALG-000138 | SRG-NET-000385-ALG-000138_rule | Medium |
| Description |
|---|
| Unauthorized or unapproved network services lack organizational verification or validation and therefore, may be unreliable or serve as malicious rogues for valid services. Appropriate personnel must be notified when such unauthorized services are detected. Automated mechanisms can be used to send automatic alerts or notifications. Such automatic alerts or notifications can be conveyed in a variety of ways (e.g., telephonically, via electronic mail, via text message, or via websites). |
| STIG | Date |
|---|---|
| Application Layer Gateway Security Requirements Guide | 2014-06-27 |
Details
| Check Text ( C-SRG-NET-000385-ALG-000138_chk ) |
|---|
| Verify the ALG alerts the IAO, IAM, and other individuals designated by the local organization when unauthorized network services are detected. If the ALG does not alert the IAO, IAM, and other individuals designated by the local organization when unauthorized network services are detected, this is a finding. |
| Fix Text (F-SRG-NET-000385-ALG-000138_fix) |
|---|
| Configure the ALG to alert the IAO, IAM, and other individuals designated by the local organization when unauthorized network services are detected. |