STIGQter STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must notify the system administrator when anomalies in the operation of the security functions are discovered.

DISA Rule

SV-80495r1_rule

Vulnerability Number

V-66005

Group Title

SRG-APP-000474

Rule Version

TMDS-00-002125

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Trend Deep Security sever to notify the system administrator when anomalies in the operation of the security functions are discovered.

To enable Intrusion Prevention functionality on a computer:
In the Policy/Computer editor, go to Intrusion Prevention >> General

Select "On", and then click "Assign/Unassign".

Select the appropriate rules applicable to the information system being monitored.

Click "Save".

Check Contents

Review the Trend Deep Security server configuration to ensure the system administrator is notified when anomalies in the operation of the security functions are discovered.

Verify Intrusion Prevention is enabled for all connected host systems by navigating to Policy >> Policy Editor.

Navigate to Intrusion Prevention >> General, verify that the intrusion prevention module is "On" and configured with assigned rules. If "Intrusion Prevention" is not set to "On", this is a finding.

Vulnerability Number

V-66005

Documentable

False

Rule Version

TMDS-00-002125

Severity Override Guidance

Review the Trend Deep Security server configuration to ensure the system administrator is notified when anomalies in the operation of the security functions are discovered.

Verify Intrusion Prevention is enabled for all connected host systems by navigating to Policy >> Policy Editor.

Navigate to Intrusion Prevention >> General, verify that the intrusion prevention module is "On" and configured with assigned rules. If "Intrusion Prevention" is not set to "On", this is a finding.

Check Content Reference

M

Target Key

2955

Comments