UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IDPS must perform real-time monitoring of files from external sources at network entry/exit points.


Overview

Finding ID Version Rule ID IA Controls Severity
V-55359 SRG-NET-000248-IDPS-00206 SV-69605r1_rule Medium
Description
Real-time monitoring of files from external sources at network entry/exit points helps to detect covert malicious code before it is downloaded to or executed by internal and external endpoints. Using malicious code, such as viruses, worms, Trojan horses, and spyware, an attacker may gain access to sensitive data and systems. IDPSs innately meet this requirement for real-time scanning for malicious code when properly configured to meet the requirements of this SRG. However, most products perform communications traffic inspection at the packet level.
STIG Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide 2017-07-07

Details

Check Text ( C-55983r1_chk )
Verify the IDPS performs real-time monitoring of files from external sources at network entry/exit points.

If the IDPS does not perform real-time monitoring of files from external sources at network entry/exit points, this is a finding.
Fix Text (F-60227r1_fix)
Configure the IDPS to perform real-time monitoring of files from external sources at network entry/exit points.