The IDPS must enforce access restrictions associated with changes to the system components.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34601 | SRG-NET-000118-IDPS-00085 | SV-45467r1_rule | Medium |
| Description |
|---|
| Changes to the hardware or software components of the IDPS can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should be allowed administrative access to the IDPS for implementing any changes or upgrades. This requirement applies to update of the application files, configuration, and signatures. |
| STIG | Date |
|---|---|
| Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide | 2012-11-19 |
Details
| Check Text ( C-42816r1_chk ) |
|---|
| Verify only authorized users have permissions for changes, deletes and updates on the IDPS. Inspect the maintenance log to verify changes are being made only by the system administrators. If unauthorized users are allowed to change the hardware or application software, this is a finding. |
| Fix Text (F-38864r1_fix) |
|---|
| Configure the IDPS to enforce access restrictions associated with changes to the system components. |