An IDS/IPS must protect the IP-based VTC system within the enclave.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-43028	RTS-VTC 6020	SV-55757r1_rule	EBBD-2	Medium

Description
An enclave supporting an IP-based VTC system that must communicate across an IP WAN must be protected by the existing network IDS/IPS or by the implementation of an IDS/IPS that is dedicated to the VTC enclave. The IDS/IPS must comply with the requirements of the IDS/IPS Security Technical Implementation Guide. Please refer to the “IDPS Security Guidance at a Glance” for additional implementation guidance for Network Intrusion Detection/Prevention Systems.

Description

An enclave supporting an IP-based VTC system that must communicate across an IP WAN must be protected by the existing network IDS/IPS or by the implementation of an IDS/IPS that is dedicated to the VTC enclave. The IDS/IPS must comply with the requirements of the IDS/IPS Security Technical Implementation Guide. Please refer to the “IDPS Security Guidance at a Glance” for additional implementation guidance for Network Intrusion Detection/Prevention Systems.

STIG	Date
Video Services Policy STIG	2020-02-25

Details

Check Text ( C-49185r3_chk )
Review network documentation and verify that the existing enclave network IDS/IPS is protecting the VTC system or that a dedicated IDS/IPS is protecting the VTC enclave. If there is no IDS/IPS protecting the VTC system, this is a finding.

Fix Text (F-48612r2_fix)
Obtain and configure a dedicated IDS/IPS or configure the existing enclave IDS/IPS to protect the VTC system.