The IDPS must generate a log record when unauthorized network services are detected.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-206911	SRG-NET-000385	SRG-NET-000385-IDPS-00210	SV-206911r856548_rule	2024-12-05	3

Description
Unauthorized or unapproved network services lack organizational verification or validation and therefore may be unreliable or serve as malicious rogues for valid services. Examples of network services include service-oriented architectures (SOAs), cloud-based services (e.g., infrastructure as a service, platform as a service, or software as a service), cross-domain, Voice Over Internet Protocol, Instant Messaging, auto-execute, and file sharing.

Description

Unauthorized or unapproved network services lack organizational verification or validation and therefore may be unreliable or serve as malicious rogues for valid services. Examples of network services include service-oriented architectures (SOAs), cloud-based services (e.g., infrastructure as a service, platform as a service, or software as a service), cross-domain, Voice Over Internet Protocol, Instant Messaging, auto-execute, and file sharing.

ℹ️ Check
Verify the IDPS generates a log record when unauthorized network services are detected. If the IDPS does not generate a log record when unauthorized network services are detected, this is a finding.

✔️ Fix
Configure the IDPS to generate a log record when unauthorized network services are detected.