DBN-6300 IDPS Security Technical Implementation Guide


Overview

Date: 2017-09-15
Finding Count (16): CAT I (High): 0, CAT II (Med): 16, CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Findings (MAC II - Mission Support Classified)

Finding ID Severity Title
V-65025 Medium When implemented for protection of the database tier, the DBN-6300 must be logically connected for maximum database traffic visibility.
V-65021 Medium The DBN-6300 must continuously monitor inbound communications traffic between the application tier and the database tier for unusual/unauthorized activities or conditions at the SQL level.
V-65023 Medium The DBN-6300 must off-load log records to a centralized log server in real time.
V-65015 Medium The DBN-6300 must support centralized management and configuration of the content captured in audit records generated by all DBN-6300 components.
V-64999 Medium In the event of a logging failure, caused by loss of communications with the central logging server, the DBN-6300 must queue audit records locally until communication is restored or until the audit records are retrieved manually or using automated synchronization tools.
V-65019 Medium The DBN-6300 must integrate with a network-wide monitoring capability.
V-65009 Medium To protect against unauthorized data mining, the DBN-6300 must detect SQL code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.
V-64977 Medium To help detect unauthorized data mining, the DBN-6300 must detect code injection attacks launched against data storage objects, including, at a minimum, databases, database records, queries, and fields.
V-65003 Medium The DBN-6300 must generate log events for detection events based on anomaly analysis.
V-65011 Medium To protect against unauthorized data mining, the DBN-6300 must detect code injection attacks launched against application objects including, at a minimum, application URLs and application code/input fields.
V-65001 Medium In the event of a logging failure caused by the lack of log record storage capacity, the DBN-6300 must continue generating and storing audit records if possible, overwriting the oldest audit records in a first-in-first-out manner.
V-65013 Medium To protect against unauthorized data mining, the DBN-6300 must detect SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.
V-65007 Medium To protect against unauthorized data mining, the DBN-6300 must monitor for and detect SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields.
V-65059 Medium When implemented for discovery protection against unidentified or rogue databases, the DBN-6300 must provide a catalog of all visible databases and database services.
V-65005 Medium The DBN-6300 must install system updates when new releases are available in accordance with organizational configuration management policy and procedures.
V-65017 Medium The DBN-6300 must off-load log records to a centralized log server.