Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IDPS must employ automated mechanisms to respond to unauthorized changes to organizationally defined configuration settings.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000128-IDPS-000120 | SRG-NET-000128-IDPS-000120 | SRG-NET-000128-IDPS-000120_rule | Medium |
| Description |
|---|
| Uncoordinated or incorrect configuration changes to network components can potentially lead to network outages and possibly compromises. Centrally managing configuration changes for the IDPS can ensure they are done at the correct time and if necessary in synchronization with each other which can be vital for nodes that peer and require compatible configurations. Centralized configuration management also provides visibility and tracking of enterprise level activity promoting a sound configuration management procedure as well as an automatic mechanism to initiate an alert when an unauthorized change has been detected. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43251_chk ) |
|---|
| Verify the IDPS is configured to alarm or send an alert when changes, updates, and deletions are made. If automated mechanisms are not configured to respond to unauthorized changes in configuration settings, this is a finding. |
| Fix Text (F-43251_fix) |
|---|
| Configure the IDPS to alert on changes in configuration settings to network components. |