STIGQter: STIG Summary: Palo Alto Networks IDPS Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The Palo Alto Networks security platform must continuously monitor outbound communications traffic for unusual/unauthorized activities or conditions.

DISA Rule

SV-207710r557390_rule

Vulnerability Number

V-207710

Group Title

SRG-NET-000391-IDPS-00213

Rule Version

PANW-IP-000050

Severity

CAT II

CCI(s)

• CCI-002662 - The information system monitors outbound communications traffic per organization-defined frequency for unusual or unauthorized activities or conditions.

Weight

10

Fix Recommendation

The network architecture diagrams must identify where traffic crosses from one internal zone to another. The specific security policy is based on the authorized endpoints, applications, and protocols.

To create or edit a Security Policy:
Go to Policies >> Security
Select "Add" to create a new security policy or select the name of the security policy to edit it.
Configure the specific parameters of the policy by completing the required information in the fields of each tab.
Commit changes by selecting "Commit" in the upper-right corner of the screen. Select "OK" when the confirmation dialog appears.

Check Contents

Obtain the network architecture diagrams and identify where traffic crosses from one internal zone to another and review the configuration of the Palo Alto Networks security platform.

If it does not filter traffic passing between zones, this is a finding.

Vulnerability Number

V-207710

Documentable

False

Rule Version

PANW-IP-000050

Severity Override Guidance

Obtain the network architecture diagrams and identify where traffic crosses from one internal zone to another and review the configuration of the Palo Alto Networks security platform.

If it does not filter traffic passing between zones, this is a finding.

Check Content Reference

M

Target Key

2927

Comments