The IDPS must identify and respond to potential security-relevant error conditions.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000272-IDPS-000216	SRG-NET-000272-IDPS-000216	SRG-NET-000272-IDPS-000216_rule		Low

Description
Error messages generated by various components and services of the network devices can indicate a possible security violation or breach. It is imperative the IDPS is configured to be able to recognize those error messages that can be a symptom of a compromise and to provide notification. The extent to which the IDPS is able to identify and handle error conditions should be guided by organizational policy, operational requirements, as well as best practices.

Description

Error messages generated by various components and services of the network devices can indicate a possible security violation or breach. It is imperative the IDPS is configured to be able to recognize those error messages that can be a symptom of a compromise and to provide notification. The extent to which the IDPS is able to identify and handle error conditions should be guided by organizational policy, operational requirements, as well as best practices.

STIG	Date
IDPS Security Requirements Guide (SRG)	2012-03-08

Details

Check Text ( C-43379_chk )
Verify signatures or rules exist on the management console for scanning the data for excessive error messages from network components. Verify signature or rules exist to identify and respond to potential security-relevant error conditions. If the system is not configured to identify and respond to potential security-relevant error conditions, this is a finding.

Fix Text (F-43379_fix)
Configure the system to identify and respond to potential security-relevant error conditions