UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IDPS must authenticate an organizationally defined list of specific devices by device type before establishing a connection.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000148-IDPS-000139 SRG-NET-000148-IDPS-000139 SRG-NET-000148-IDPS-000139_rule Low
Description
An IDPS must have a level of trust with any node wanting to connect to it. The remote node could be a host device requiring a layer 2 connection to the network or a router wanting to peer as a neighbor and establish a connection to exchange control plane and forwarding plane traffic. A network control plane is comprised of routing, signaling, and link management protocols; all used to establish the forwarding paths required by the data plane. Disrupting the flow of this information or injecting false information breaks down the integrity or believability of path information.
STIG Date
IDPS Security Requirements Guide (SRG) 2012-03-08

Details

Check Text ( C-43277_chk )
Verify sensor communications to network elements (e.g., sensors, management consoles, routers, syslog servers, and forensics servers) are configured to establish authentication using a unique identifier.
Verify authentication is, in part, based on a list of authorized device types.

If communications between the IDPS and network elements must be based on a list of authorized device types, this is a finding.
Fix Text (F-43277_fix)
Configure the IDPS to authenticate based on a list of authorized device types.