UCF STIG Viewer Logo

The ALG providing user access control intermediary services must provide the capability for authorized users to capture, record, and log all content related to a selected user session.


Overview

Finding ID Version Rule ID IA Controls Severity
V-54769 SRG-NET-000399-ALG-000042 SV-69015r1_rule Medium
Description
Without the capability to capture, record, and log content related to a user session, investigations into suspicious user activity would be hampered. The intent of this requirement is to ensure the capability to select specific sessions to capture is available in order to support general auditing/incident investigation, or to validate suspected misuse by a specific user. Examples of session events that may be captured include, port mirroring, tracking websites visited, and recording information and/or file transfers.
STIG Date
Application Layer Gateway (ALG) Security Requirements Guide (SRG) 2015-06-30

Details

Check Text ( C-55391r1_chk )
If the ALG does not provide user access control and intermediary services, this is not applicable.

Verify the ALG provides the capability for authorized users to capture, record, and log all content related to a user session.

If the ALG does not provide the capability for authorized users to capture, record, and log all content related to a user session, this is a finding.
Fix Text (F-59627r1_fix)
If user access control intermediary services are provided, configure the ALG to provide the capability for authorized users to capture, record, and log all content related to a user session.