800-53|SI-4(22)

Title

UNAUTHORIZED NETWORK SERVICES

Description

The information system detects network services that have not been authorized or approved by [Assignment: organization-defined authorization or approval processes] and [Selection (one or more): audits; alerts [Assignment: organization-defined personnel or roles]].

Supplemental

Unauthorized or unapproved network services include, for example, services in service-oriented architectures that lack organizational verification or validation and therefore may be unreliable or serve as malicious rogues for valid services.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: AC-6,CM-7,SA-5,SA-9

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: INFORMATION SYSTEM MONITORING

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
PANW-AG-000112 - The Palo Alto Networks security platform must detect use of network services that have not been authorized or approved by the ISSM and ISSO, at a minimum.	Palo_Alto	DISA STIG Palo Alto ALG v3r1
PANW-AG-000113 - The Palo Alto Networks security platform must generate a log record when unauthorized network services are detected.	Palo_Alto	DISA STIG Palo Alto ALG v3r1
PANW-AG-000114 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when unauthorized network services are detected.	Palo_Alto	DISA STIG Palo Alto ALG v3r1
PANW-IP-000046 - The Palo Alto Networks security platform must detect use of network services that have not been authorized or approved by the ISSM and ISSO, at a minimum.	Palo_Alto	DISA STIG Palo Alto IDPS v3r1
PANW-IP-000047 - The Palo Alto Networks security platform must generate a log record when unauthorized network services are detected.	Palo_Alto	DISA STIG Palo Alto IDPS v3r1
PANW-IP-000048 - The Palo Alto Networks security platform must generate an alert to the ISSO and ISSM, at a minimum, when unauthorized network services are detected.	Palo_Alto	DISA STIG Palo Alto IDPS v3r1
SYMP-AG-000610 - Symantec ProxySG providing content filtering must detect use of network services that have not been authorized or approved by the ISSM and ISSO, at a minimum.	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000620 - Symantec ProxySG providing content filtering must generate a log record when access attempts to unauthorized websites and/or services are detected.	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000630 - Symantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when access attempts to unauthorized websites and/or services are detected.	BlueCoat	DISA Symantec ProxySG Benchmark ALG v1r3

Detections

Analytics