The ALG must alert the IAO, IAM, and other individuals designated by the local organization when real time intrusion detection (based on ALG security policy filters) events occur.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000392-ALG-000141	SRG-NET-000392-ALG-000141	SRG-NET-000392-ALG-000141_rule		Medium

Description
Without a real time alert, security personnel may be unaware when security events occur, thus the ALG must notify the appropriate support personnel to ensure action is taken to resolve the incident. Automated mechanisms can be used to send automatic alerts or notifications. Such automatic alerts or notifications can be conveyed in a variety of ways (e.g., telephonically, via electronic mail, via text message, or via websites).

Description

Without a real time alert, security personnel may be unaware when security events occur, thus the ALG must notify the appropriate support personnel to ensure action is taken to resolve the incident. Automated mechanisms can be used to send automatic alerts or notifications. Such automatic alerts or notifications can be conveyed in a variety of ways (e.g., telephonically, via electronic mail, via text message, or via websites).

STIG	Date
Application Layer Gateway Security Requirements Guide	2014-06-27

Details

Check Text ( C-SRG-NET-000392-ALG-000141_chk )
Verify the ALG is configured to send an alert to the IAO, IAM, and organizationally identified individuals when intrusion attempts are detected. If the ALG is not configured to send an alert to the IAO, IAM, and other organizationally identified individuals when real time intrusion detection events occur, this is a finding.

Fix Text (F-SRG-NET-000392-ALG-000141_fix)
Configure the ALG to send an alert to the IAO, IAM, and other organizationally identified individuals when intrusion attempts are detected.