STIGQter: STIG Summary: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide Version: 2 Release: 6 Benchmark Date: 24 Jul 2020:

In the event of a failure of the IDPS function, the IDPS must save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted.

DISA Rule

SV-45660r2_rule

Vulnerability Number

V-34750

Group Title

SRG-NET-000236-IDPS-00170

Rule Version

SRG-NET-000236-IDPS-00170

Severity

CAT II

CCI(s)

• CCI-001665 - The information system preserves organization-defined system state information in the event of a system failure.

Weight

10

Fix Recommendation

Configure the IDPS to, upon failure of the IDPS function, save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted.

Check Contents

Verify the IDPS, upon failure of the IDPS function, saves diagnostic information, logs system messages, and loads the most current security policies, rules, and signatures when restarted.

If IDPS function, upon system failure, does not save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted, this is a finding.

Vulnerability Number

V-34750

Documentable

False

Rule Version

SRG-NET-000236-IDPS-00170

Severity Override Guidance

Verify the IDPS, upon failure of the IDPS function, saves diagnostic information, logs system messages, and loads the most current security policies, rules, and signatures when restarted.

If IDPS function, upon system failure, does not save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted, this is a finding.

Check Content Reference

M

Target Key

2358

Comments