The IDPS must provide automated support for account management functions.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000001-IDPS-000021	SRG-NET-000001-IDPS-000021	SRG-NET-000001-IDPS-000021_rule		Low

Description
Account management and distribution is vital to the security of any IDPS. Account management by a designated authority ensures access to IDPS is being controlled in a secured manner by granting access to only authorized personnel with the appropriate and necessary privileges. Providing automated support functions for the management of accounts will ensure only active accounts will be granted access with the proper authorization levels. If account policies are not immediately and automatically enforced, system administrators may not realize that security changes are not being enforced.

Description

Account management and distribution is vital to the security of any IDPS. Account management by a designated authority ensures access to IDPS is being controlled in a secured manner by granting access to only authorized personnel with the appropriate and necessary privileges. Providing automated support functions for the management of accounts will ensure only active accounts will be granted access with the proper authorization levels. If account policies are not immediately and automatically enforced, system administrators may not realize that security changes are not being enforced.

STIG	Date
IDPS Security Requirements Guide (SRG)	2012-03-08

Details

Check Text ( C-43139_chk )
Verify, as accounts are created or terminated and privilege levels are updated, the IDPS automatically and immediately enforces the updated account policy. (A reboot can be required; however, it must be automatically enforced.) If the IDPS components do not provide automatic support for account management functions, this is a finding.

Fix Text (F-43139_fix)
Configure the IDPS to immediately and automatically enforce changes in account policies.