Intrusion detection and prevention capabilities must be architected and implemented to prevent non-privileged users from circumventing such protections.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-47951	SOL-11.1-090170	SV-60823r1_rule		Low

Description
Non-privileged users must not be able to alter intrusion detection and prevention systems to ensure these systems work properly. This can be accomplished through the use of user roles, use of proper systems permissions, auditing, logging, etc.

STIG	Date
Solaris 11 SPARC Security Technical Implementation Guide	2017-06-21

Details

Check Text ( C-50387r1_chk )
The operator will ensure that DoD approved intrusion detection software is installed, operating, and updated monthly. The configurations will be updated regularly. The software will be maintained per vendor documentation. If the operator is unable to provide a documented configuration for an installed intrusion detection system or if the intrusion detection system is not properly configured, maintained or used, this is a finding.

Check Text ( C-50387r1_chk )

The operator will ensure that DoD approved intrusion detection software is installed, operating, and updated monthly. The configurations will be updated regularly. The software will be maintained per vendor documentation.

If the operator is unable to provide a documented configuration for an installed intrusion detection system or if the intrusion detection system is not properly configured, maintained or used, this is a finding.

Fix Text (F-51563r1_fix)
The operator will ensure that DoD approved intrusion detection software is installed, operating, and updated monthly. The configurations will be updated regularly. The software will be maintained per vendor documentation.