The IDPS must detect network services that have not been authorized or approved by the ISSO or ISSM, at a minimum.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-206910 | SRG-NET-000384-IDPS-00209 | SV-206910r856547_rule | CCI-002683 | medium |
| Description | ||||
| Unauthorized or unapproved network services lack organizational verification or validation and therefore may be unreliable or serve as malicious rogues for valid services. Examples of network services include service-oriented architectures (SOAs), cloud-based services (e.g., infrastructure as a service, platform as a service, or software as a service), cross-domain, Voice Over Internet Protocol, Instant Messaging, auto-execute, and file sharing. To comply with this requirement, the IDPS may be configured to detect services either directly or indirectly (i.e., by detecting traffic associated with a service). | ||||
| STIG | Date | |||
| Intrusion Detection and Prevention Systems Security Requirements Guide | 2025-05-19 | |||
Details
Check Text (C-206910r856547_chk)
Verify the IDPS detects network services that have not been authorized or approved by the ISSO or ISSM, at a minimum.
If the IDPS does not detect network services that have not been authorized or approved by the ISSO or ISSM, at a minimum, this is a finding.
Fix Text (F-7164r298243_fix)
Configure the IDPS to detect network services that have not been authorized or approved by the ISSO or ISSM, at a minimum.