800-53|SC-7(17)

Title

AUTOMATED ENFORCEMENT OF PROTOCOL FORMATS

Description

The information system enforces adherence to protocol formats.

Supplemental

Information system components that enforce protocol formats include, for example, deep packet inspection firewalls and XML gateways. Such system components verify adherence to protocol formats/specifications (e.g., IEEE) at the application layer and identify significant vulnerabilities that cannot be detected by devices operating at the network or transport layers.

Reference Item Details

Related: SC-4

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Parent Title: BOUNDARY PROTECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Audit Items

View all Reference Audit Items

NamePluginAudit Name
F5BI-LT-000303 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound SMTP and Extended SMTP communications traffic to virtual servers.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000305 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound FTP and FTPS communications traffic to virtual servers.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000307 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound HTTP and HTTPS traffic to virtual servers.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
PANW-AG-000147 - The Palo Alto Networks security platform must inspect inbound and outbound SMTP and Extended SMTP communications traffic (if authorized) for protocol compliance and protocol anomalies.Palo_AltoDISA STIG Palo Alto ALG v3r1
PANW-AG-000148 - The Palo Alto Networks security platform must inspect inbound and outbound FTP and FTPS communications traffic (if authorized) for protocol compliance and protocol anomalies.Palo_AltoDISA STIG Palo Alto ALG v3r1
PANW-AG-000149 - The Palo Alto Networks security platform must inspect inbound and outbound HTTP traffic (if authorized) for protocol compliance and protocol anomalies.Palo_AltoDISA STIG Palo Alto ALG v3r1
SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Forwarding HostBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Policy RulesBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Review ProxiesBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000250 - Symantec ProxySG providing intermediary services for FTP must inspect outbound FTP communications traffic for protocol compliance and protocol anomalies.BlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - ExplicitBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - ExternalBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - InternalBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - ExplicitBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - ExternalBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - InternalBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3