The IDPS must terminate all sessions when non-local maintenance is completed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000178-IDPS-000165 | SRG-NET-000178-IDPS-000165 | SRG-NET-000178-IDPS-000165_rule | Medium |
| Description |
|---|
| In the event the remote node has abnormally terminated or an upstream link from the managed device is down, the management session will be terminated; thereby, freeing device resources and eliminating any possibility of an unauthorized user being orphaned to an open idle session of the managed device. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43305_chk ) |
|---|
| Examine the vendor documentation. Verify the sensors terminate remote access sessions when the user abnormally terminates or is disconnected. If sessions are not terminated when the session is abnormally aborted, this is a finding. |
| Fix Text (F-43305_fix) |
|---|
| Configure the sensors and other components to terminate idle sessions after 10 minutes. |