An Intrusion Detection and Prevention System (IDPS) sensor must be deployed to monitor all Demilitarized Zone (DMZ) segments housing public servers.
DISA Rule
SV-20025r2_rule
Vulnerability Number
V-18490
Group Title
IDPS sensor is not monitoring DMZ segments
Rule Version
NET-IDPS-016
Severity
CAT II
CCI(s)
- CCI-001097 - The information system monitors and controls communications at the external boundary of the information system and at key internal boundaries within the system.
- CCI-001255 - The organization deploys monitoring devices strategically within the information system to collect organization-determined essential information.
- CCI-002668 - The organization defines the interior points within the information system (e.g., subnetworks, subsystems) where outbound communications will be analyzed to discover anomalies.
Weight
10
Fix Recommendation
Place an IDPS sensor in the enclave to monitor public servers.
Check Contents
Review the DMZ topology and verify public servers are being monitored by an IDPS.
If an IDPS sensor is not deployed to monitor all DMZ segments housing public servers, this is a finding.
Documentable
False
Severity Override Guidance
Review the DMZ topology and verify public servers are being monitored by an IDPS.
If an IDPS sensor is not deployed to monitor all DMZ segments housing public servers, this is a finding.
Check Content Reference
M
Target Key
838