The IDPS must enforce access restrictions associated with changes to the information system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000118-IDPS-000116	SRG-NET-000118-IDPS-000116	SRG-NET-000118-IDPS-000116_rule		Medium

Description
Changes to the hardware or software components of the IDPS can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should be allowed administrative access to the IDPS for implementing any changes or upgrades. This requirement applies to update of the application files, configuration, and signatures. Changes to the operating system will be addressed in the operating system STIG.

Description

Changes to the hardware or software components of the IDPS can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should be allowed administrative access to the IDPS for implementing any changes or upgrades. This requirement applies to update of the application files, configuration, and signatures. Changes to the operating system will be addressed in the operating system STIG.

STIG	Date
IDPS Security Requirements Guide (SRG)	2012-03-08

Details

Check Text ( C-43247_chk )
Ask the site representative how hardware and software maintenance is done. Verify only authorized users have permissions for changes, deletes and updates on the IDPS. If unauthorized users are allowed to change the hardware or application software, this is a finding.

Fix Text (F-43247_fix)
Configure the IDPS to the minimum required to maintain the system. If there is a maintenance log, inspect it to verify changes are being made only by the system administrators.