The IDPS must maintain the confidentiality of information during aggregation and encapsulation in preparation for transmission.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000212-IDPS-NA	SRG-NET-000212-IDPS-NA	SRG-NET-000212-IDPS-NA_rule		Medium

Description
If the organization is relying on a commercial service provider for transmission services as a commodity item rather than a fully dedicated service for both internal and external connectivity, it may be more difficult to obtain the necessary assurances regarding the implementation of needed security controls for transmission confidentiality. When it is infeasible or impractical to obtain the necessary security controls and assurances of control effectiveness through appropriate contracting vehicles, the organization either implements appropriate compensating security controls or explicitly accepts the additional risk.

Description

If the organization is relying on a commercial service provider for transmission services as a commodity item rather than a fully dedicated service for both internal and external connectivity, it may be more difficult to obtain the necessary assurances regarding the implementation of needed security controls for transmission confidentiality. When it is infeasible or impractical to obtain the necessary security controls and assurances of control effectiveness through appropriate contracting vehicles, the organization either implements appropriate compensating security controls or explicitly accepts the additional risk.

STIG	Date
IDPS Security Requirements Guide (SRG)	2012-03-08

Details

Check Text ( C-43377_chk )
This requirement does not apply to IDPS.

Fix Text (F-43377_fix)
Not applicable for IDPS. No fix required.