The ALG must alert the IAO, IAM, and other individuals designated by the local organization when events identified by authoritative sources (e.g., IAVMs, CTOs, trusted vendor alerts) are detected.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000392-ALG-000142 | SRG-NET-000392-ALG-000142 | SRG-NET-000392-ALG-000142_rule | Medium |
| Description |
|---|
| When a security event occurs, the ALG must notify the appropriate support personnel to ensure action is taken to resolve the incident. Automated mechanisms can be used to send automatic alerts or notifications. Such automatic alerts or notifications can be conveyed in a variety of ways (e.g., telephonically, via electronic mail, via text message, or via websites). |
| STIG | Date |
|---|---|
| Application Layer Gateway Security Requirements Guide | 2014-06-27 |
Details
| Check Text ( C-SRG-NET-000392-ALG-000142_chk ) |
|---|
| Verify the ALG is configured to send an alert to the IAO, IAM, and organizationally identified individuals when events identified by authoritative sources (e.g., IAVMs, CTOs, trusted vendor alerts) are detected. If the ALG is not configured to alert the IAO, IAM, and other organizationally identified individuals when events identified by authoritative sources (e.g., IAVMs, CTOs, trusted vendor alerts) are detected, this is a finding. |
| Fix Text (F-SRG-NET-000392-ALG-000142_fix) |
|---|
| Configure the ALG to alert the IAO, IAM, and organizationally identified individuals when events identified by authoritative sources (e.g., IAVMs, CTOs, trusted vendor alerts) are detected. |