The network element must route organizationally defined internal communications traffic to organizationally defined external networks through authenticated proxy servers within the managed interfaces of boundary protection devices.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34718	SRG-NET-000203-IDPS-NA	SV-45612r1_rule		Low

Description
A proxy server is designed to hide the identity of the client when making a connection to a server on the outside of its network, such as a web server, web mail, and chat rooms. This prevents any hackers on the outside of learning IP addresses within the private network. With a proxy acting as the mediator, the client does not interact directly with the servers it is connecting to. The proxy server is in the middle, handling both sides of the session. Hence, all routing devices must forward traffic to the appropriate proxy to filter the traffic and initiate the sessions with the external server. This requirement applies to proxy servers and is not applicable to the IDPS.

Description

A proxy server is designed to hide the identity of the client when making a connection to a server on the outside of its network, such as a web server, web mail, and chat rooms. This prevents any hackers on the outside of learning IP addresses within the private network. With a proxy acting as the mediator, the client does not interact directly with the servers it is connecting to. The proxy server is in the middle, handling both sides of the session. Hence, all routing devices must forward traffic to the appropriate proxy to filter the traffic and initiate the sessions with the external server. This requirement applies to proxy servers and is not applicable to the IDPS.

STIG	Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide	2012-11-19

Details

Check Text ( C-42978r1_chk )
This requirement is NA for IDPS. No fix required.

Fix Text (F-39010r1_fix)
This requirement is NA for IDPS. No fix required.