An Intrusion Detection and Prevention System (IDPS) sensor must be deployed to monitor network segments that house network security management servers.
DISA Rule
SV-20028r2_rule
Vulnerability Number
V-18493
Group Title
IDPS sensor is not monitoring Network MGT network
Rule Version
NET-IDPS-019
Severity
CAT II
CCI(s)
- CCI-001097 - The information system monitors and controls communications at the external boundary of the information system and at key internal boundaries within the system.
- CCI-001255 - The organization deploys monitoring devices strategically within the information system to collect organization-determined essential information.
- CCI-002668 - The organization defines the interior points within the information system (e.g., subnetworks, subsystems) where outbound communications will be analyzed to discover anomalies.
Weight
10
Fix Recommendation
Install an IDPS to monitor and protect the Management Network (management subnet or OOB network).
Check Contents
Review the management network topology and verify network security management servers are being monitored by an IDPS.
If an IDPS sensor is not deployed to monitor all segments housing network security management servers, this is a finding.
Documentable
False
Severity Override Guidance
Review the management network topology and verify network security management servers are being monitored by an IDPS.
If an IDPS sensor is not deployed to monitor all segments housing network security management servers, this is a finding.
Check Content Reference
M
Target Key
838
Comments