UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The ALG must alert the IAO, IAM, and other individuals designated by the local organization when unauthorized network services are detected.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000385-ALG-000138 SRG-NET-000385-ALG-000138 SRG-NET-000385-ALG-000138_rule Medium
Description
Unauthorized or unapproved network services lack organizational verification or validation and therefore, may be unreliable or serve as malicious rogues for valid services. Appropriate personnel must be notified when such unauthorized services are detected. Automated mechanisms can be used to send automatic alerts or notifications. Such automatic alerts or notifications can be conveyed in a variety of ways (e.g., telephonically, via electronic mail, via text message, or via websites).
STIG Date
Application Layer Gateway Security Requirements Guide 2014-06-27

Details

Check Text ( C-SRG-NET-000385-ALG-000138_chk )
Verify the ALG alerts the IAO, IAM, and other individuals designated by the local organization when unauthorized network services are detected.

If the ALG does not alert the IAO, IAM, and other individuals designated by the local organization when unauthorized network services are detected, this is a finding.
Fix Text (F-SRG-NET-000385-ALG-000138_fix)
Configure the ALG to alert the IAO, IAM, and other individuals designated by the local organization when unauthorized network services are detected.