The network element must separate user functionality (including user interface services) from information system management functionality.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34699	SRG-NET-000182-IDPS-NA	SV-45584r1_rule		Low

Description
The IDPS must prevent the presentation of information system management functionality at an interface for general (i.e., non-privileged) users. The intent of this control enhancement is to ensure administration options are not available to general or unauthorized users (including prohibiting the use of the grey-out option commonly used to eliminate accessibility to such information). For example, administration options are not presented until the user has appropriately established a session with administrator privileges. Non-privileged (general) users are not allowed access to the IDPS components, thus this requirement is not applicable.

Description

The IDPS must prevent the presentation of information system management functionality at an interface for general (i.e., non-privileged) users. The intent of this control enhancement is to ensure administration options are not available to general or unauthorized users (including prohibiting the use of the grey-out option commonly used to eliminate accessibility to such information). For example, administration options are not presented until the user has appropriately established a session with administrator privileges. Non-privileged (general) users are not allowed access to the IDPS components, thus this requirement is not applicable.

STIG	Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide	2012-11-19

Details

Check Text ( C-42939r1_chk )
This requirement is NA for IDPS. No fix required.

Fix Text (F-38982r1_fix)
This requirement is NA for IDPS. No fix required.