800-53|SI-4(1)

Title

SYSTEM-WIDE INTRUSION DETECTION SYSTEM

Description

The organization connects and configures individual intrusion detection tools into an information system-wide intrusion detection system.

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: INFORMATION SYSTEM MONITORING

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

| Name | Plugin | Audit Name |
| --- | --- | --- |
| 6.18 Ensure that all zones have Zone Prot Profiles with all Recon Protection settings enabled, tuned, and set to appropriate actions | Palo_Alto | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 |
| 6.18 Ensure that all zones have Zone Protection Profiles with all Reconnaissance Protection settings enabled, tuned, and set actions | Palo_Alto | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 |
| 6.18 Ensure that all zones have Zone Protection Profiles with all Reconnaissance Protection settings enabled, tuned, and set actions | Palo_Alto | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 |
| Ensure intrusion prevention is enabled for untrusted interfaces | Cisco_Firepower | Tenable Cisco Firepower Threat Defense Best Practices Audit |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | Unix | DISA STIG for Oracle Linux 5 v2r1 |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | Unix | DISA STIG AIX 6.1 v1r14 |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | Unix | DISA STIG AIX 5.3 v1r2 |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | Unix | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit |
| PANW-AG-000111 - The Palo Alto Networks security platform must be configured to integrate with a system-wide intrusion detection system. | Palo_Alto | DISA STIG Palo Alto ALG v3r2 |
| PANW-IP-000045 - Palo Alto Networks security platform components, including sensors, event databases, and management consoles must integrate with a network-wide monitoring capability. | Palo_Alto | DISA STIG Palo Alto IDPS v3r1 |
| SYMP-AG-000600 - Symantec ProxySG providing content filtering must be configured to integrate with a system-wide intrusion detection system. | BlueCoat | DISA Symantec ProxySG Benchmark ALG v1r3 |
| WatchGuard : IPS - 'Enabled' | WatchGuard | TNS Best Practice WatchGuard Audit 1.0.0 |