An Intrusion Detection and Prevention System (IDPS) sensor must be deployed to monitor the network segment hosting web, application, and database servers.
DISA Rule
SV-20027r2_rule
Vulnerability Number
V-18492
Group Title
IDPS sensor is not monitoring Server Farm segments
Rule Version
NET-IDPS-018
Severity
CAT II
CCI(s)
- CCI-001097 - The information system monitors and controls communications at the external boundary of the information system and at key internal boundaries within the system.
- CCI-001255 - The organization deploys monitoring devices strategically within the information system to collect organization-determined essential information.
- CCI-002668 - The organization defines the interior points within the information system (e.g., subnetworks, subsystems) where outbound communications will be analyzed to discover anomalies.
Weight
10
Fix Recommendation
Implement an IDPS strategy to monitor the network segment hosting web, application, and database servers.
Check Contents
Review topology of the network segment hosting the web, application, and database servers.
If this segment is not being monitored by an IDPS sensor, this is a finding.
Documentable
False
Severity Override Guidance
Review topology of the network segment hosting the web, application, and database servers.
If this segment is not being monitored by an IDPS sensor, this is a finding.
Check Content Reference
M
Target Key
838