Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IDPS must enforce dynamic traffic flow control based on policy allowing or disallowing flows based upon traffic types and rates within or out of profile.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000029-IDPS-000051 | SRG-NET-000029-IDPS-000051 | SRG-NET-000029-IDPS-000051_rule | Medium |
| Description |
|---|
| Information flow control regulates where information is allowed to travel within a network and between interconnected networks. The flow of all network traffic must be monitored and controlled so it does not introduce any unacceptable risk to the network infrastructure or data. Restrictions can be enforced based on policy allowing or disallowing flows based upon traffic types and rates within or out of profile. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43176_chk ) |
|---|
| View the rules on the IDPS. Verify changes in traffic flow controls are added/updated to the rules. When changes are made, these changes should take effect immediately and the sensors should begin monitoring using the updated rule set. If the IDPS is not configured to enforce restrictions for traffic flow based on types and level of traffic based on the typically expected patterns, this is a finding. |
| Fix Text (F-43176_fix) |
|---|
| Create traffic flow rules to monitor and enforce traffic flow. |