The IDPS must protect the integrity and availability of publicly available information and applications.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34738	SRG-NET-000224-IDPS-00159	SV-45643r1_rule		Medium

Description
Public-facing servers enable access to information by clients outside of the enclave. These servers are subject to greater exposure to attacks. It is imperative that the integrity of the data is maintained to ensure the enclave does not provide false or erroneous information. The IDPS must provide the necessary protection to ensure availability and integrity of the data and to reduce or eliminate DoS attacks directed against the servers on the public-facing segment. A sensor must be installed to monitor the publicly available segment (e.g., public DMZ).

Description

Public-facing servers enable access to information by clients outside of the enclave. These servers are subject to greater exposure to attacks. It is imperative that the integrity of the data is maintained to ensure the enclave does not provide false or erroneous information. The IDPS must provide the necessary protection to ensure availability and integrity of the data and to reduce or eliminate DoS attacks directed against the servers on the public-facing segment. A sensor must be installed to monitor the publicly available segment (e.g., public DMZ).

STIG	Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide	2012-11-19

Details

Check Text ( C-43009r1_chk )
Examine the architecture diagrams and IDPS configuration. Verify a sensor is installed and configured to monitor and protect the public DMZ. If a sensor is not installed to protect the public DMZ subnet, this is a finding.

Fix Text (F-39041r1_fix)
Install and configure a sensor to monitor the public DMZ subnet.