The network device must be configured to perform organizationally defined actions in response to malicious code detection.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000249-NDM-NA	SRG-NET-000249-NDM-NA	SRG-NET-000249-NDM-NA_rule		Medium

Description
Organizations may determine that in response to malicious code detection, different actions may be warranted for different situations. For example, the network device may send different alerts, block malicious packets, block the IP address, or update the network device depending on the capabilities of the implementation. Upon detection of traffic transporting malicious code, the network device must perform organizationally defined actions to notify or prevent malicious code from further impacting the network. This requirement is applicable to specific devices and does not involve the management of a network device.

Description

Organizations may determine that in response to malicious code detection, different actions may be warranted for different situations. For example, the network device may send different alerts, block malicious packets, block the IP address, or update the network device depending on the capabilities of the implementation. Upon detection of traffic transporting malicious code, the network device must perform organizationally defined actions to notify or prevent malicious code from further impacting the network. This requirement is applicable to specific devices and does not involve the management of a network device.

STIG	Date
Network Device Management Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000249-NDM-NA_chk )
This requirement is NA for network device management.

Fix Text (F-SRG-NET-000249-NDM-NA_fix)
This requirement is NA for network device management.