800-53|SI-4(1)

Title

SYSTEM-WIDE INTRUSION DETECTION SYSTEM

Description

The organization connects and configures individual intrusion detection tools into an information system-wide intrusion detection system.

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: INFORMATION SYSTEM MONITORING

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

| Name | Plugin | Audit Name |
| --- | --- | --- |
| 6.18 Ensure that all zones have Zone Prot Profiles with all Recon Protection settings enabled, tuned, and set to appropriate actions | Palo_Alto | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 |
| 6.18 Ensure that all zones have Zone Protection Profiles with all Reconnaissance Protection settings enabled, tuned, and set actions | Palo_Alto | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 |
| 6.18 Ensure that all zones have Zone Protection Profiles with all Reconnaissance Protection settings enabled, tuned, and set actions | Palo_Alto | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 |
| Ensure intrusion prevention is enabled for untrusted interfaces | Cisco_Firepower | Tenable Cisco Firepower Threat Defense Best Practices Audit |
| F5BI-AP-300018 - The F5 BIG-IP appliance must generate event log records that can be forwarded to the centralized events log. | F5 | DISA F5 BIG-IP TMOS ALG STIG v1r2 |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | Unix | DISA STIG for Oracle Linux 5 v2r1 |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | Unix | DISA STIG AIX 6.1 v1r14 |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | Unix | DISA AIX 5.3 STIG v1r2 |
| GEN006480 - The system must have a host-based intrusion detection tool installed. | Unix | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit |
| PANW-AG-000111 - The Palo Alto Networks security platform must be configured to integrate with a system-wide intrusion detection system. | Palo_Alto | DISA Palo Alto Networks ALG STIG v3r4 |
| PANW-IP-000045 - Palo Alto Networks security platform components, including sensors, event databases, and management consoles must integrate with a network-wide monitoring capability. | Palo_Alto | DISA Palo Alto Networks IDPS STIG v3r2 |
| SYMP-AG-000600 - Symantec ProxySG providing content filtering must be configured to integrate with a system-wide intrusion detection system. | BlueCoat | DISA Symantec ProxySG Benchmark ALG v1r3 |
| WatchGuard : IPS - 'Enabled' | WatchGuard | TNS Best Practice WatchGuard Audit 1.0.0 |