UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IDPS must be configured to implement automated patch management tools to facilitate flaw remediation to network components.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000243-IDPS-000222 SRG-NET-000243-IDPS-000222 SRG-NET-000243-IDPS-000222_rule Medium
Description
It is imperative that the activity promptly installs security relevant software updates from an authorized patch management server to mitigate the risk of new vulnerabilities. Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling, are also addressed expeditiously. Software obtained from unauthorized sources may contain malicious code and may put the enclave at risk.
STIG Date
IDPS Security Requirements Guide (SRG) 2012-03-08

Details

Check Text ( C-43385_chk )
Verify the IDPS is configured to use an automated patch management tool to obtain software updates.

If the sensors are not configured to use a patch management tool to check for and install software and signature updates, this is a finding.

Fix Text (F-43385_fix)
Configure the IDPS components to use a patch management tool to check for and install software and signature updates.