The IDPS must implement security policies for all traffic flows by using security zones at various protection levels as a basis for flow control decisions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000028-IDPS-000050 | SRG-NET-000028-IDPS-000050 | SRG-NET-000028-IDPS-000050_rule | Medium |
| Description |
|---|
| Information flow control regulates where information is allowed to travel within a network and between interconnected networks. The flow of all network traffic must be monitored and controlled so it does not introduce any unacceptable risk to the network infrastructure or data. Restrictions can be enforced using security zones at various protection levels as a basis for flow control decisions. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43175_chk ) |
|---|
| Verify security zones are being used. Verify zones are created to reflect the various protection levels as needed by the organization to monitor traffic flow and respond to anomalies. If the IDPS does not implement security policies for all traffic flows by using security zones at various protection levels as a basis for flow control decisions, this is a finding. |
| Fix Text (F-43175_fix) |
|---|
| Configure the management console to implement security policies for all traffic flows being monitored by the sensors. Create security zones as needed to reflect various protection levels as a basis for flow control decisions. |