
The IDPS must enforce organizationally defined one-way traffic flows using hardware mechanisms.


Overview

Finding ID: SRG-NET-000032-IDPS-000053
Version: SRG-NET-000032-IDPS-000053
Rule ID: SRG-NET-000032-IDPS-000053_rule
IA Controls: none listed
Severity: Medium
Description
Information flow control regulates where information is allowed to travel within a network and between interconnected networks. The flow of all network traffic must be monitored and controlled so it does not introduce any unacceptable risk to the network infrastructure or data.
STIG: IDPS Security Requirements Guide (SRG)
Date: 2012-03-08

Details

Check Text (C-43180_chk)
Verify rules exist to monitor network traffic for violations of one-way traffic flow restrictions.
Verify the unauthorized traffic is dropped.

If no rule or signature exists that monitors for violations of one-way traffic flow restrictions, this is a finding.
If the site does not require one-way traffic monitoring, this is not applicable.
Fix Text (F-43180_fix)
Create a rule in the IDPS which blocks traffic flowing in unauthorized directions on the monitored network segment.