UCF STIG Viewer Logo

The IDPS must support and maintain the binding of organizationally defined security attributes to information in transmission.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000056-IDPS-000002 SRG-NET-000056-IDPS-000002 SRG-NET-000056-IDPS-000002_rule Medium
Description
Security attribute assignments (e.g., metadata, classification, user access privileges, or affiliation) are abstractions representing the basic properties or characteristics of an entity. Attributes may be bound to data and then used in various applications within the IDPS to enable access control, flow control, information handling, and other information security policy processes. Examples of possible IDPS security attributes that may be used by the organization to implement security policy include: session of packet identifiers; source and destination IP addresses; protocol identifiers; traffic classification based on Quality of Service (QoS) markings for preferred treatment; or Virtual Local Area Network (VLAN) identification. Security attributes and labels should be leveraged to protect stored information, as well as information flowing to external devices. Information stored, processed, and transmitted by the IDPS include sensors event logs, local audit logs, and application files. Security attributes and labels must also be leveraged to protect communications between sensors, the management console, non-local management computers, firewalls, routers, and other network elements. If the security attributes are disassociated from the information being transmitted, stored, or processed, then access control policies and information flows which depend on these security attributes will not function and unauthorized subjects or entities may gain access to the information.
STIG Date
IDPS Security Requirements Guide (SRG) 2012-03-08

Details

Check Text ( C-43113_chk )
Verify security attributes are not removed during transmission for information to system components and other systems (sensors, the management console, non-local management computers, firewalls, routers, and other network elements.)

If the IDPS does not support and maintain the binding of organizationally defined security attributes to information in transmission, this is a finding.
Fix Text (F-43113_fix)
Configure the IDPS management console to support and maintain the binding of organizationally defined security attributes for information being transmitted between system components and external systems.