The network element must isolate organizationally defined key information security tools, mechanisms, and support components from other internal information system components via physically separate subnets.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34712	SRG-NET-000197-IDPS-NA	SV-45605r1_rule		Low

Description
To secure the enclave, the site must implement defense-in-depth security. This requires the deployment of various network security elements at strategic locations. The enclave must also be segregated into separate subnets with unique security policies. Subnetting provides a number of essential network services (e.g., public content, remote access, and perimeter protection). If isolation techniques, such as subnetting, are not used, unauthorized access to privileged information could result. The IDPS does not divide the network into subnets.

Description

To secure the enclave, the site must implement defense-in-depth security. This requires the deployment of various network security elements at strategic locations. The enclave must also be segregated into separate subnets with unique security policies. Subnetting provides a number of essential network services (e.g., public content, remote access, and perimeter protection). If isolation techniques, such as subnetting, are not used, unauthorized access to privileged information could result. The IDPS does not divide the network into subnets.

STIG	Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide	2012-11-19

Details

Check Text ( C-42971r1_chk )
This requirement is NA for IDPS. No fix required.

Fix Text (F-39003r1_fix)
This requirement is NA for IDPS. No fix required.