UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IDPS must terminate the connection associated with a communications session at the end of the session or after an organizationally defined time period of inactivity.


Overview

Finding ID Version Rule ID IA Controls Severity
V-34728 SRG-NET-000213-IDPS-00155 SV-45625r1_rule Medium
Description
Terminating network connections associated with communications sessions include, de-allocating associated TCP/IP address/port pairs at the operating system level, or de-allocating networking assignments at the application level if multiple application sessions are using a single, operating system level network connection. If sessions are not terminated when a transaction has completed, the session has the potential to be hijacked by an adversary. The time period of inactivity may, as the organization deems necessary, be a set of time periods by type of network access or for specific accesses.
STIG Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide 2012-11-19

Details

Check Text ( C-42991r1_chk )
Examine the vendor documentation or the configuration for communications between the sensors, management console, or other network device.
Verify IDPS sensors and management servers terminate and close the session once the communication is no longer required or active.

If the IDPS application does not terminate and close sessions once the session is not needed, this is a finding.
Fix Text (F-39023r1_fix)
Configure the IDPS system to terminate communication sessions when the transaction has ended or after an organizationally defined time period.