The IDPS must generate a log record when unauthorized network services are detected.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-206911 | SRG-NET-000385 | SRG-NET-000385-IDPS-00210 | SV-206911r856548_rule | 2025-09-22 | 3 |
Description
Unauthorized or unapproved network services lack organizational verification or validation and therefore may be unreliable or serve as malicious rogues for valid services.
Examples of network services include service-oriented architectures (SOAs), cloud-based services (e.g., infrastructure as a service, platform as a service, or software as a service), cross-domain, Voice Over Internet Protocol, Instant Messaging, auto-execute, and file sharing.
ℹ️ Check
Verify the IDPS generates a log record when unauthorized network services are detected.
If the IDPS does not generate a log record when unauthorized network services are detected, this is a finding.
✔️ Fix
Configure the IDPS to generate a log record when unauthorized network services are detected.