The IDPS must employ automated mechanisms to detect the addition of unauthorized components or devices.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34628	SRG-NET-000134-IDPS-00100	SV-45503r1_rule		Medium

Description
This requirement addresses configuration management of the IDPS components as well as detection of unauthorized devices on the network. The IDPS must automatically detect the installation of unauthorized software or hardware sensors and other IDPS components. Monitoring may be accomplished on an ongoing basis or by periodic monitoring. Automated mechanisms can be implemented within the network element and/or in another separate information system or device.

Description

This requirement addresses configuration management of the IDPS components as well as detection of unauthorized devices on the network. The IDPS must automatically detect the installation of unauthorized software or hardware sensors and other IDPS components. Monitoring may be accomplished on an ongoing basis or by periodic monitoring. Automated mechanisms can be implemented within the network element and/or in another separate information system or device.

STIG	Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide	2012-11-19

Details

Check Text ( C-42852r1_chk )
Verify the use of an automated mechanism to detect the addition of unauthorized sensors and other IDPS components or devices. If an automated mechanism is not used to monitor for unauthorized IDPS components or devices, this is a finding.

Fix Text (F-38900r1_fix)
Install and configure an automated mechanism to detect the addition of unauthorized IDPS components, such as rogue sensors or other unauthorized devices.