20.64 Ensure 'The system uses a host-based intrusion detection or prevention system'

Information

This policy setting ensures that the Operating System has a host-based intrusion detection (HIDS) or prevention system (HIPS) installed.

Rationale:

A properly configured Host-based Intrusion Detection System (HIDS) or Host-based Intrusion Prevention System (HIPS) provides another level of defense against unauthorized access to critical servers. With proper configuration and logging enabled, such a system can stop and/or alert for attempts to gain unauthorized access to resources.

Impact:

A host-based intrusion detection (HIDS) or prevention system (HIPS) must be installed on the system.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Install a HIDS or HIPS on each server.

Default Value:

N/A




Additional Information:

Microsoft Windows Server 2019 Security Technical Implementation Guide:
Version 2, Release 1, Benchmark Date: November 13, 2020

Vul ID: V-205851
Rule ID: SV-205851r569188_rule
STIG ID: WN19-00-000120
Severity: CAT II

See Also

https://workbench.cisecurity.org/files/3345

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3, CSCv7|8.1

Plugin: Windows

Control ID: 996f240cd604fc5d367d54cd1a36c89b2f1138cb5aabaaf71e01c282d14893c4