The IDPS must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of DoS attacks.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34708 | SRG-NET-000193-IDPS-00141 | SV-45594r1_rule | Medium |
| Description |
|---|
| Managing excess capacity ensures that sufficient capacity is available to counter flooding attacks. Managing excess capacity may include establishing selected usage priorities, quotas, or partitioning. The device must be configured to contain and limit a DoS attack’s effect on the device’s resource utilization. |
| STIG | Date |
|---|---|
| Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide | 2012-11-19 |
Details
| Check Text ( C-42953r1_chk ) |
|---|
| Review the IDPS documentation and configuration to determine if excess capacity and bandwidth are managed, and if redundancy is built into the system to limit the effects of information flooding types of DoS attacks on IDPS components themselves. If excess capacity and bandwidth are not managed, or redundancy is not built into the architecture, this is a finding. |
| Fix Text (F-38992r1_fix) |
|---|
| Configure the IDPS to manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of DoS attacks. |