Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IDPS must limit privileges to change software resident within software libraries.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000123-IDPS-000114 | SRG-NET-000123-IDPS-000114 | SRG-NET-000123-IDPS-000114_rule | Medium |
| Description |
|---|
| Changes to any software components of the IDPS can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should be allowed administrative access to the IDPS for implementing any changes or upgrades. If the IDPS were to enable non-authorized users to make changes to software libraries, those changes could be implemented without undergoing the appropriate testing, validation, and approval. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43245_chk ) |
|---|
| Verify only qualified and authorized individuals have administrative access to the IDPS for implementing any changes or upgrades. If individuals other than the authorized system administrators are allowed to upgrade or change the software, including signature files and rules, this is a finding. |
| Fix Text (F-43245_fix) |
|---|
| Configure a system administrators group with software update and modification privileges. Configure the management console so only member of this group have permission to perform this function. |