The network element must perform data origin authentication and data integrity verification on the name/address resolution responses the system receives from authoritative sources when requested by client systems.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34651	SRG-NET-000302-IDPS-NA	SV-45526r1_rule		Low

Description
A recursive resolving or caching domain name system (DNS) server is an example of an information system that provides name/address resolution service for local clients. Authoritative DNS servers are examples of authoritative sources. Network elements that use technologies other than the DNS to map between host/service names and network addresses provide other means to enable clients to verify the authenticity and integrity of response data. This requirement is a function of the DNS and is not applicable to the IDPS.

Description

A recursive resolving or caching domain name system (DNS) server is an example of an information system that provides name/address resolution service for local clients. Authoritative DNS servers are examples of authoritative sources. Network elements that use technologies other than the DNS to map between host/service names and network addresses provide other means to enable clients to verify the authenticity and integrity of response data. This requirement is a function of the DNS and is not applicable to the IDPS.

STIG	Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide	2012-11-19

Details

Check Text ( C-42875r1_chk )
This requirement is NA for IDPS. No fix required.

Fix Text (F-38923r1_fix)
This requirement is NA for IDPS. No fix required.