STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← SI-4 (1) — System Monitoring

CCI-002656

Definition

Configure individual intrusion detection tools into a system-wide intrusion detection system.

Parent Control

SI-4 (1)System MonitoringSystem and Information Integrity

Linked STIG Checks (15)

V-237053CAT IIIThe A10 Networks ADC, when used to load balance web applications, must enable external logging for WAF data event messages.A10 Networks ADC ALG Security Technical Implementation Guide V-76441CAT IIIKona Site Defender providing content filtering must be configured to integrate with a system-wide intrusion detection system.Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide V-205012CAT IIThe ALG providing content filtering must be configured to integrate with a system-wide intrusion detection system.Application Layer Gateway Security Requirements Guide V-237403CAT IIThe CA API Gateway providing content filtering must be configured to integrate with a system-wide intrusion detection system.CA API Gateway ALG Security Technical Implementation Guide V-259867CAT IFor Infrastructure as a Service (IaaS)/Platform as a Service (PaaS), the Mission Owner must configure an intrusion detection and prevention system (IDPS) to protect DOD virtual machines (VMs), services, and applications.Cloud Computing Mission Owner Network Security Requirements Guide V-237567CAT IIThe DBN-6300 must integrate with a network-wide monitoring capability.DBN-6300 IDPS Security Technical Implementation Guide V-266146CAT IIThe F5 BIG-IP appliance must generate event log records that can be forwarded to the centralized events log.F5 BIG-IP TMOS ALG Security Technical Implementation Guide V-65283CAT IIIThe DataPower Gateway providing content filtering must be configured to integrate with a system-wide intrusion detection system.IBM DataPower ALG Security Technical Implementation Guide V-55365CAT IIIDPS components, including sensors, event databases, and management consoles must integrate with a network-wide monitoring capability.Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide V-206909CAT IIIDPS components, including sensors, event databases, and management consoles must integrate with a network-wide monitoring capability.Intrusion Detection and Prevention Systems Security Requirements Guide V-228864CAT IIIThe Palo Alto Networks security platform must be configured to integrate with a system-wide intrusion detection system.Palo Alto Networks ALG Security Technical Implementation Guide V-207705CAT IIPalo Alto Networks security platform components, including sensors, event databases, and management consoles must integrate with a network-wide monitoring capability.Palo Alto Networks IDPS Security Technical Implementation Guide V-279203CAT IIThe Edge SWG must control remote access methods.Symantec Edge SWG ALG Security Technical Implementation Guide V-94333CAT IISymantec ProxySG providing content filtering must be configured to integrate with a system-wide intrusion detection system.Symantec ProxySG ALG Security Technical Implementation Guide V-242176CAT IIThe TPS must provide audit record generation capability for detection events based on implementation of policy filters, rules, signatures, and anomaly analysis.Trend Micro TippingPoint IDPS Security Technical Implementation Guide