STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Application Layer Gateway Security Requirements Guide

V-205024

CAT II (Medium)

The ALG that implements spam protection mechanisms must be updated automatically.

Rule ID

SV-205024r396447_rule

STIG

Application Layer Gateway Security Requirements Guide

Version

V2R3

CCIs

CCI-001308

Discussion

Originators of spam messages are constantly changing their techniques in order to defeat spam countermeasures; therefore, spam software must be constantly updated to address the changing threat. A manual update procedure is labor intensive and does not scale well in an enterprise environment. This risk may be mitigated by using an automatic update capability. Spam protection mechanisms include, for example, signature definitions, rule sets, and algorithms. This requirement applies to gateways and firewalls that perform content inspection or have higher-layer proxy functionality.

Check Content

If the ALG does not provide spam protection functions, this is not applicable.

Verify the ALG automatically updates spam protection mechanisms.

If the ALG does not automatically update spam protection mechanisms, this is a finding.

Fix Text

If the ALG provides spam protection functions, configure the ALG to automatically update spam protection mechanisms.