800-53|SC-7(17)

Title

AUTOMATED ENFORCEMENT OF PROTOCOL FORMATS

Description

The information system enforces adherence to protocol formats.

Supplemental

Information system components that enforce protocol formats include, for example, deep packet inspection firewalls and XML gateways. Such system components verify adherence to protocol formats/specifications (e.g., IEEE) at the application layer and identify significant vulnerabilities that cannot be detected by devices operating at the network or transport layers.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: SC-4

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Parent Title: BOUNDARY PROTECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
5.1 Ensure no Network ACLs allow ingress from 0.0.0.0/0 to remote server administration ports	amazon_aws	CIS Amazon Web Services Foundations L1 1.3.0
F5BI-LT-000303 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound SMTP and Extended SMTP communications traffic to virtual servers.	F5	DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000305 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound FTP and FTPS communications traffic to virtual servers.	F5	DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000307 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound HTTP and HTTPS traffic to virtual servers.	F5	DISA F5 BIG-IP Local Traffic Manager STIG v2r3
PANW-AG-000015 - The Palo Alto Networks security platform, if used to provide intermediary services for remote access communications traffic (TLS or SSL decryption), must ensure inbound and outbound traffic is monitored for compliance with remote access security policies - TLS/SSL must monitor traffic.	Palo_Alto	DISA STIG Palo Alto ALG v2r1
PANW-AG-000078 - The Palo Alto Networks security platform, if used as a TLS gateway/decryption point or VPN concentrator, must control remote access methods (inspect and filter traffic).	Palo_Alto	DISA STIG Palo Alto ALG v2r1
PANW-AG-000147 - The Palo Alto Networks security platform must inspect inbound and outbound SMTP and Extended SMTP communications traffic (if authorized) for protocol compliance and protocol anomalies.	Palo_Alto	DISA STIG Palo Alto ALG v3r1
PANW-AG-000148 - The Palo Alto Networks security platform must inspect inbound and outbound FTP and FTPS communications traffic (if authorized) for protocol compliance and protocol anomalies.	Palo_Alto	DISA STIG Palo Alto ALG v2r1
PANW-AG-000148 - The Palo Alto Networks security platform must inspect inbound and outbound FTP and FTPS communications traffic (if authorized) for protocol compliance and protocol anomalies.	Palo_Alto	DISA STIG Palo Alto ALG v3r1
PANW-AG-000149 - The Palo Alto Networks security platform must inspect inbound and outbound HTTP traffic (if authorized) for protocol compliance and protocol anomalies.	Palo_Alto	DISA STIG Palo Alto ALG v3r1
SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Forwarding Host	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Policy Rules	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Review Proxies	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000250 - Symantec ProxySG providing intermediary services for FTP must inspect outbound FTP communications traffic for protocol compliance and protocol anomalies.	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - Explicit	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - External	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - Internal	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - Explicit	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - External	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - Internal	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3

Detections

Analytics