Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
DBN-6300 IDPS Security Technical Implementation Guide
SRG-NET-000512-IDPS-00194
SRG-NET-000512-IDPS-00194
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-NET-000512-IDPS-00194
1 Rule
<GroupDescription></GroupDescription>
When implemented for protection of the database tier, the DBN-6300 must be logically connected for maximum database traffic visibility.
Medium Severity
<VulnDiscussion>Configuring the IDPS to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across DoD that reflects the most restrictive security posture consistent with operational requirements. Configuration settings are the set of parameters that can be changed that affect the security posture and/or functionality of the network element. Security-related parameters are those parameters impacting the security state of the network element, including the parameters required to satisfy other security control requirements. For the network element, security-related parameters include settings for communications traffic management configurations. If the DBN-6300 is installed incorrectly in the site's network architecture, vulnerable databases may not be detected and consequently may remain unprotected. To ensure optimum protection, the DBN-6300 must be logically installed between the application and database tiers of the network. The device has multiple interfaces that allow several connections to accommodate various network architectures. The device is installed as a passive listening device on all applicable subnetworks using the available ports. When placed correctly, the device monitors the "last mile" prior to database access, which is where SQL is optimally monitored.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>