Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000242-IDPS-000220 | SRG-NET-000242-IDPS-000220 | SRG-NET-000242-IDPS-000220_rule | Low |
Description |
---|
The system administrator must monitor IAVM, OS, or OEM patch or vulnerability notices. Software flaw remediation and tracking is ideally performed by a patch management/remediation server. Depending on the IDPS used, this requirement can be accomplished by configuring the device to work with the remediation server. However, it is also acceptable if the remediation server is configured to fulfill this requirement and notify the administrator when updates are required. It is not recommended for the IDPS to directly connect to the vendor or any other external site. A patch management server must be used as the source of software updates. Unsupported versions will lack security enhancements as well as support provided by the vendors to address vulnerabilities. |
STIG | Date |
---|---|
IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Check Text ( C-43383_chk ) |
---|
Research the vendor's vulnerability list and current version/revision. This can be obtained on the vendor's support page of the website. Verify security patches and software updates are still being issued for the installed version of the IDPS firmware of application software. If the system is not configured to use a vendor-supported version of the firmware or application software, this is a finding. |
Fix Text (F-43383_fix) |
---|
Configure the IDPS to use a vendor-supported version of the firmware or application software. |