
The IDPS must enforce security policies regarding information on interconnected systems.


Overview

Finding ID:   V-34493
Version:      SRG-NET-000023-IDPS-00025
Rule ID:      SV-45310r1_rule
IA Controls:
Severity:     Medium
Description
Transferring information between interconnected information systems with differing security policies introduces the risk that a transfer violates one or more of those policies. It is imperative that policy guidance from information owners be implemented at the policy enforcement point between the interconnected systems. This requirement applies to IPS implementations only (rather than IDS systems), because it requires the enforcement of security policy. If the IPS is configured to transfer threat information to a firewall or other device, and that transfer does not adhere to the security policy of the receiving device, the network security posture of devices interconnected with the IDPS could be compromised. Enforcement is done by an IPS and is not a function of an IDS. If the IDPS is configured to update other network devices (e.g., firewall ACLs) and the update process violates the access control policy of the updated device, this is an issue that must be resolved. However, the IDPS must also be configured to monitor and enforce the security policies between other interconnected systems.
STIG: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide
Date: 2012-11-19

Details

Check Text (C-42657r1_chk)
Inspect the rules and signatures configured to monitor, block, and/or redirect network traffic based on detected events between interconnected systems.
Verify the IDPS is configured to enforce the security policies between interconnected systems.

If the IDPS is not configured to enforce security policies regarding information on interconnected systems, this is a finding.
Fix Text (F-38705r1_fix)
Configure the IDPS and the other devices with which it interconnects so that the security policy on all devices is not bypassed. Configure the IDPS to enforce security policies regarding information on interconnected systems.