The IDPS must limit the use of resources by priority.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34709	SRG-NET-000194-IDPS-00142	SV-45595r1_rule		Medium

Description
Priority protection helps prevent a lower priority process from delaying or interfering with the information system servicing any higher-priority process. If priority protection is not implemented, network congestion may result in poor network service because priority traffic may be delayed or dropped, and this in turn could result in a denial of service condition. An additional IDPS component, a load balancer, is recommended for use with larger networks and will facilitate traffic prioritization and bandwidth management.

Description

Priority protection helps prevent a lower priority process from delaying or interfering with the information system servicing any higher-priority process. If priority protection is not implemented, network congestion may result in poor network service because priority traffic may be delayed or dropped, and this in turn could result in a denial of service condition. An additional IDPS component, a load balancer, is recommended for use with larger networks and will facilitate traffic prioritization and bandwidth management.

STIG	Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide	2012-11-19

Details

Check Text ( C-42955r1_chk )
Review the IDPS documentation and system configuration to determine if resource prioritization is implemented as part of the IDPS application. If the system is not configured to prioritize resources, this is a finding.

Fix Text (F-38993r1_fix)
Configure the IDPS to limit the use of resources by priority.