UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IDPS must verify the integrity of updates obtained directly from the vendor.


Overview

Finding ID Version Rule ID IA Controls Severity
V-34759 SRG-NET-000246-IDPS-00175 SV-45683r2_rule Medium
Description
If the integrity of updates downloaded directly from the vendor is not verified, then malicious code or errors may impact the ability of the IDPS to protect against harmful communication traffic. The recommended verification method depends on the update's format, as follows: 1. For files downloaded from a Web site or FTP site, administrators should compare file checksums provided by the vendor with checksums that they compute for the downloaded files. 2. For updates downloaded automatically through the IDPS user interface, if an update is downloaded as a single file or a set of files, either checksum provided by the vendor should be compared to checksums generated by the administrator, or the IDPS user interface itself should perform some sort of integrity check. In some cases, updates are downloaded and installed as one action, precluding checksum verification. In this case, the IDPS user interface should check each update' s integrity as part of this process. 3. In the case of removable media (e.g., CD, DVD), vendors may not provide a specific method for customers to verify the legitimacy of removable media apparently sent by the vendors. If media verification is a concern, administrators should contact their vendors to determine how the media can be verified, such as comparing vendor-provided checksums to checksums computed for files on the media, or verifying digital signatures on the media's contents to ensure they are valid. Administrators should also consider scanning the media for malware, with the caveat that false positives may be triggered by IDPS signatures for malware on the media.
STIG Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide 2019-10-01

Details

Check Text ( C-43049r2_chk )
Verify the IDPS verifies the integrity of updates obtained directly from the vendor.

If the IDPS does not verify the integrity of updates obtained directly from the vendor, this is a finding.
Fix Text (F-39081r3_fix)
Configure the IDPS to verify the integrity of updates obtained directly from the vendor.