The IDPS must be configured to enable automated mechanisms to enforce access restrictions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34603 | SRG-NET-000119-IDPS-00086 | SV-45469r1_rule | Medium |
| Description |
|---|
| Changes to the hardware or software components of the IDPS can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should be allowed administrative access to the IDPS for implementing any changes or upgrades. |
| STIG | Date |
|---|---|
| Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide | 2012-11-19 |
Details
| Check Text ( C-42818r1_chk ) |
|---|
| Verify automated mechanisms are used to enable access restrictions to the hardware and software for the management console and sensors. Verify security group membership is used when assigning permissions to update and change software and on the management console and sensors. Verify members of this security group are specifically authorized system administrators with a need for this type of access. If the system is not configured to restrict the ability to perform software changes on the IDPS components to authorized system administrators this is a finding. |
| Fix Text (F-38866r1_fix) |
|---|
| Configure the IDPS components to restrict the ability to perform software changes and updates to authorized system administrators only. |