UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IAO/NSO will ensure the IDS or firewall is configured to alert the administrator of a potential attack or system failure.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3176 NET0390 SV-3176r1_rule ECAT-2 ECSC-1 Medium
Description
The IDS or firewall is the first device that is under the sites control that has the possibility to alarm the local staff of an ongoing attack. An alert from either of these devices can be the first indication of an attack or system failure.
STIG Date
IDS/IPS Security Technical Implementation Guide 2013-10-08

Details

Check Text ( C-3680r1_chk )
The SA shall define clipping levels / thresholds as a baseline to display alert messages on specific attacks identifying the potential security violation or attack. Review the IDS or firewall configuration to determine what alerts have been defined and how the notifications are performed.
Fix Text (F-3201r1_fix)
Configure the IDS or firewall to alarm the SA of potential attacks or system failure.