Title

(U//FOUO) The HIPS Trusted Network address list does not include the local subnet automatically. (Cat II impact)

Discussion

Check Content

(U//FOUO) This check needs to be completed for every active policy that controls ePO agents. From the ePO server console, select the ePO server, then select ‘Policies,’ followed by ‘Host Intrusion Prevention 7: General’ from the product list. From the ‘Trusted Networks’ category, select the applicable policy. From the ‘Options’ section, ensure that the ‘Include local subnet automatically’ is not checked. If ‘Include local subnet automatically’ is checked, this is a finding.

Fix Text

(U//FOUO) From the ePO server console, select the applicable policy to be checked for HIPS for the ePO server. Select the Trusted Network. From the Trusted Network tab, examine the options list. De-select “Include Local Subnet Automatically”.

Additional Identifiers

Rule ID: SV-15159r1_rule

Vulnerability ID: V-14541

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.