
The IDPS must implement host based boundary protection mechanisms.


Overview

Finding ID: V-34711
Version: SRG-NET-000196-IDPS-00144
Rule ID: SV-45598r1_rule
IA Controls: (none listed)
Severity: Low
Description
A host-based boundary protection mechanism is, for example, a host-based firewall. Host-based boundary protection mechanisms are employed on devices to protect the asset where the data resides and to inspect data that has been decrypted. Host-based firewalls also allow for finer granularity when determining which ports, protocols, and services need to be enabled on a system-by-system basis. Without a host-based protection mechanism, the IDPS may not have adequate protection against attacks that may not be detected at the perimeter firewall.
STIG: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide
Date: 2012-11-19

Details

Check Text (C-42959r1_chk)
Review the IDPS components to determine if a host-based protection mechanism (e.g., HBSS) is used.

If a host-based protection tool is not configured, this is a finding.
Fix Text (F-38996r1_fix)
Employ a host-based protection tool (e.g., HBSS) on the IDPS sensors and management console/server.