STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← SI-4 (22) — System Monitoring

CCI-002684

Definition

Audit and/or alert organization-defined personnel when unauthorized network services are detected.

Parent Control

SI-4 (22)System MonitoringSystem and Information Integrity

Linked STIG Checks (21)

V-205014CAT IIThe ALG providing content filtering must generate a log record when unauthorized network services are detected.Application Layer Gateway Security Requirements Guide V-205015CAT IIThe ALG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when unauthorized network services are detected.Application Layer Gateway Security Requirements Guide V-266146CAT IIThe F5 BIG-IP appliance must generate event log records that can be forwarded to the centralized events log.F5 BIG-IP TMOS ALG Security Technical Implementation Guide V-266161CAT IIThe F5 BIG-IP appliance providing content filtering must generate a log record when unauthorized network services are detected.F5 BIG-IP TMOS ALG Security Technical Implementation Guide V-65285CAT IIThe DataPower Gateway providing content filtering must generate a log record when unauthorized network services are detected.IBM DataPower ALG Security Technical Implementation Guide V-65287CAT IIThe DataPower Gateway providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when unauthorized network services are detected.IBM DataPower ALG Security Technical Implementation Guide V-55377CAT IIThe IDPS must generate a log record when unauthorized network services are detected.Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide V-55379CAT IIThe IDPS must generate an alert to the ISSM and ISSO, at a minimum, when unauthorized network services are detected.Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide V-206911CAT IIThe IDPS must generate a log record when unauthorized network services are detected.Intrusion Detection and Prevention Systems Security Requirements Guide V-206912CAT IIThe IDPS must generate an alert to the ISSM and ISSO, at a minimum, when unauthorized network services are detected.Intrusion Detection and Prevention Systems Security Requirements Guide V-272882CAT IIMicrosoft Defender for Endpoint (MDE) must alert administrators on policy violations defined for endpoints.Microsoft Defender for Endpoint Security Technical Implementation Guide V-228866CAT IIThe Palo Alto Networks security platform must generate a log record when unauthorized network services are detected.Palo Alto Networks ALG Security Technical Implementation Guide V-228867CAT IIThe Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when unauthorized network services are detected.Palo Alto Networks ALG Security Technical Implementation Guide V-207707CAT IIThe Palo Alto Networks security platform must generate a log record when unauthorized network services are detected.Palo Alto Networks IDPS Security Technical Implementation Guide V-207708CAT IIThe Palo Alto Networks security platform must generate an alert to the ISSO and ISSM, at a minimum, when unauthorized network services are detected.Palo Alto Networks IDPS Security Technical Implementation Guide V-279203CAT IIThe Edge SWG must control remote access methods.Symantec Edge SWG ALG Security Technical Implementation Guide V-94337CAT IISymantec ProxySG providing content filtering must generate a log record when access attempts to unauthorized websites and/or services are detected.Symantec ProxySG ALG Security Technical Implementation Guide V-94339CAT IISymantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when access attempts to unauthorized websites and/or services are detected.Symantec ProxySG ALG Security Technical Implementation Guide V-241172CAT IITrend Deep Security must, when unauthorized network services are detected, log the event and alert the ISSO, ISSM, and other individuals designated by the local organization.Trend Micro Deep Security 9.x Security Technical Implementation Guide V-242199CAT IThe TPS must generate a log record so an alert can be configured to, at a minimum, the system administrator when malicious code is detected.Trend Micro TippingPoint IDPS Security Technical Implementation Guide V-242202CAT IIThe IDPS must generate an alert to the ISSM and ISSO, at a minimum, when unauthorized network services are detected.Trend Micro TippingPoint IDPS Security Technical Implementation Guide