Trend Micro TippingPoint IDPS Security Technical Implementation Guide

SRG-NET-000273-IDPS-00204

The TPS must automatically install updates to signature definitions, detection heuristics, and vendor-provided rules.

SRG-NET-000246-IDPS-00205

The SMS must install updates on the TPS for application software files, signature definitions, detection heuristics, and vendor-provided rules when new releases are available in accordance with organizational configuration management policy and procedures.

SRG-NET-000249-IDPS-00176

The TPS must block malicious code.

SRG-NET-000248-IDPS-00206

The TPS must generate a log record so an alert can be configured to, at a minimum, the system administrator when malicious code is detected.

SRG-NET-000384-IDPS-00209

The TPS must detect network services that have not been authorized or approved by the ISSO or ISSM, at a minimum, through use of a site-approved TPS device profile.

SRG-NET-000385-IDPS-00211

The IDPS must generate an alert to the ISSM and ISSO, at a minimum, when unauthorized network services are detected.

SRG-NET-000390-IDPS-00212

The IDPS must continuously monitor inbound communications traffic for unusual/unauthorized activities or conditions.

SRG-NET-000391-IDPS-00213

The TPS must continuously monitor outbound communications traffic for unusual/unauthorized activities or conditions.

SRG-NET-000392-IDPS-00214

The TPS must send an alert to, at a minimum, the ISSM and ISSO when intrusion detection events are detected which indicate a compromise or potential for compromise.

SRG-NET-000392-IDPS-00215

The site must register with the Trend Micro TippingPoint Threat Management Center (TMC) in order to receive alerts on threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected which indicate a compromise or potential for compromise.