Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
CA API Gateway ALG Security Technical Implementation Guide
SRG-NET-000383-ALG-000135
The CA API Gateway providing content filtering must be configured to integrate with a system-wide intrusion detection system.
The CA API Gateway providing content filtering must be configured to integrate with a system-wide intrusion detection system.
An XCCDF Rule
Details
Profiles
Prose
The CA API Gateway providing content filtering must be configured to integrate with a system-wide intrusion detection system.
Medium Severity
<VulnDiscussion>Without coordinated reporting between separate devices, it is not possible to identify the true scale and possible target of an attack. Integration of the ALG with a system-wide intrusion detection system supports continuous monitoring and incident response programs. This requirement applies to monitoring at internal boundaries using TLS gateways, web content filters, email gateways, and other types of ALGs. ALGs can work as part of the network monitoring capabilities to off-load inspection functions from the external boundary Intrusion Detection and Prevention System (IDPS) by performing more granular content inspection of protocols at the upper layers of the Open Systems Interconnection (OSI) reference model. The CA API Gateway must be configured to integrate with an ICAP enabled Intrusion Detection System such as McAfee, Sophos, or Symantec.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>