UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Sensor traffic in transit must be protected at all times via an Out-of-Band (OOB) network or an encrypted tunnel between site locations.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18496 NET-IDPS-024 SV-20031r2_rule Medium
Description
User interface services must be physically or logically separated from data storage and management services. Data from IDS sensors must be protected by confidentiality controls; from being lost and altered.
STIG Date
Network Infrastructure Policy Security Technical Implementation Guide 2019-03-12

Details

Check Text ( C-21131r2_chk )
Review the network topology diagram and interview the ISSO to determine how the IDS sensor data is transported between sites.

If it is not transported across an OOB network or an encrypted tunnel, this is a finding.
Fix Text (F-19086r2_fix)
Design a communications path for OOB traffic or create an encrypted tunnel using a FIPS 140-2 validated encryption algorithm to protect data.