STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← SI-4 (22) — System Monitoring

CCI-002683

Definition

Detect network services that have not been authorized or approved by the organization-defined authorization or approval processes.

Parent Control

SI-4 (22)System MonitoringSystem and Information Integrity

Linked STIG Checks (11)

V-205013CAT IIThe ALG providing content filtering must detect use of network services that have not been authorized or approved by the ISSM and ISSO, at a minimum.Application Layer Gateway Security Requirements Guide V-266160CAT IIThe F5 BIG-IP appliance providing content filtering must detect use of network services that have not been authorized or approved by the information system security manager (ISSM) and information system security officer (ISSO), at a minimum.F5 BIG-IP TMOS ALG Security Technical Implementation Guide V-55375CAT IIThe IDPS must detect network services that have not been authorized or approved by the ISSO or ISSM, at a minimum.Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide V-206910CAT IIThe IDPS must detect network services that have not been authorized or approved by the ISSO or ISSM, at a minimum.Intrusion Detection and Prevention Systems Security Requirements Guide V-243211CAT IIIWLAN signals must not be intercepted outside areas authorized for WLAN access.Network WLAN AP-IG Platform Security Technical Implementation Guide V-228865CAT IIThe Palo Alto Networks security platform must detect use of network services that have not been authorized or approved by the ISSM and ISSO, at a minimum.Palo Alto Networks ALG Security Technical Implementation Guide V-207706CAT IIThe Palo Alto Networks security platform must detect use of network services that have not been authorized or approved by the ISSM and ISSO, at a minimum.Palo Alto Networks IDPS Security Technical Implementation Guide V-279180CAT IIThe Edge SWG must be configured to remove or disable unrelated or unneeded application proxy services.Symantec Edge SWG ALG Security Technical Implementation Guide V-94335CAT IISymantec ProxySG providing content filtering must detect use of network services that have not been authorized or approved by the ISSM and ISSO, at a minimum.Symantec ProxySG ALG Security Technical Implementation Guide V-241171CAT IITrend Deep Security detection application must detect network services that have not been authorized or approved by the organization-defined authorization or approval processes.Trend Micro Deep Security 9.x Security Technical Implementation Guide V-242201CAT IIThe TPS must detect network services that have not been authorized or approved by the ISSO or ISSM, at a minimum, through use of a site-approved TPS device profile.Trend Micro TippingPoint IDPS Security Technical Implementation Guide