The network element must maintain the confidentiality of information during aggregation, packaging, and transformation in preparation for transmission.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34727 | SRG-NET-000212-IDPS-NA | SV-45624r1_rule | Low |
| Description |
|---|
| If the organization is relying on a commercial service provider for transmission services as a commodity item rather than a fully dedicated service for both internal and external connectivity, it may be more difficult to obtain the necessary assurances regarding the implementation of needed security controls for transmission confidentiality. When it is infeasible or impractical to obtain the necessary security controls and assurances of control effectiveness through appropriate contracting vehicles, the organization either implements appropriate compensating security controls or explicitly accepts the additional risk. Aggregation and encapsulation of network level traffic is not a function of the IDPS, thus this requirement is not applicable. |
| STIG | Date |
|---|---|
| Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide | 2012-11-19 |
Details
| Check Text ( C-42990r1_chk ) |
|---|
| This requirement is NA for IDPS. No fix required. |
| Fix Text (F-39022r1_fix) |
|---|
| This requirement is NA for IDPS. No fix required. |