Intrusion Detection and Prevention System (IDPS) traffic between the sensor and the security management or sensor data collection servers must traverse a dedicated Virtual Local Area Network (VLAN) logically separating IDPS traffic from all other enclave traffic.

An XCCDF Rule

Details
Profiles

Description

All IDPS data collected by agents in the enclave at required locations must also be protected by logical separation when in transit from the agent to the management or database servers located on the Network Management subnet.

ID: SV-251340r805975_rule
Version: NET-IDPS-025
Severity: Medium
References: CCI-000366
Updated: 5 days ago

Remediation Templates

Design a communications path for OOB traffic or create a VLAN for IDPS traffic to protect the data.

Intrusion Detection and Prevention System (IDPS) traffic between the sensor and the security management or sensor data collection servers must traverse a dedicated Virtual Local Area Network (VLAN) logically separating IDPS traffic from all other enclave traffic.

Description

Remediation Templates

A Manual Procedure