DoD STIGs – V-32586

Overview:

Title: Intrusion detection software must be able to interconnect using standard protocols to create a system wide intrusion detection system.

Vulnerability ID: V-32586

STIG ID:

IA Controls: None

Severity: medium

Description: When utilizing intrusion detection software, monitoring components are usually dispersed throughout the network, for example when HIDS and multiple NIDS sensors are deployed together. In order to leverage the capabilities of intrusion detection systems to get a complete overall view of network and host activity, these separate components must be able to report and react to activity they detect.

Non-standard or custom communication protocols do not provide the reliability and veracity required of an enterprise-class intrusion detection system. Examples of custom protocols include, but are not limited to, vendor-specific communication protocols that have not undergone IETF RFC evaluation and/or are not in common use throughout the Internet as a whole.

This requirement is specific to applications providing intrusion detection (IDS). This requirement is NA for databases.

Check Text: This check is NA for databases.

Fix Text: This fix is NA for databases.


Interpreting V-32586:

As noted, this does not apply to SQL Server databases.
