The application server must disable network access by unauthorized components/devices or notify designated organizational officials.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35636	SRG-APP-000228-AS-NA	SV-46923r1_rule		Medium

Description
Maintaining system and network integrity requires that all systems on the network are identified and accounted for. Without an accurate accounting of systems utilizing the network, the opportunity exists for the introduction of rogue systems. The significance of this type of security compromise increases exponentially over time and could become a persistent threat. Therefore, organizations must employ automated mechanisms to detect the addition of unauthorized devices. This is a configuration management application requirement that does not apply to application servers.

Description

Maintaining system and network integrity requires that all systems on the network are identified and accounted for. Without an accurate accounting of systems utilizing the network, the opportunity exists for the introduction of rogue systems. The significance of this type of security compromise increases exponentially over time and could become a persistent threat. Therefore, organizations must employ automated mechanisms to detect the addition of unauthorized devices. This is a configuration management application requirement that does not apply to application servers.

STIG	Date
Application Server Security Requirements Guide	2013-01-08

Details

Check Text ( C-43979r1_chk )
This requirement is NA for the AS SRG.

Fix Text (F-40178r1_fix)
The requirement is NA. No fix is required