The application server must be configured to fail over to another system in the event of log subsystem failure.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35191	SRG-APP-000109-AS-000070	SV-46478r3_rule		Medium

Description
This requirement is dependent upon system MAC and availability. If the system MAC and availability do not specify redundancy requirements, this requirement is NA. It is critical that, when a system is at risk of failing to process logs as required, it detects and takes action to mitigate the failure. Application servers must be capable of failing over to another system which can handle application and logging functions upon detection of an application log processing failure. This will allow continual operation of the application and logging functions while minimizing the loss of operation for the users and loss of log data.

Description

This requirement is dependent upon system MAC and availability. If the system MAC and availability do not specify redundancy requirements, this requirement is NA. It is critical that, when a system is at risk of failing to process logs as required, it detects and takes action to mitigate the failure. Application servers must be capable of failing over to another system which can handle application and logging functions upon detection of an application log processing failure. This will allow continual operation of the application and logging functions while minimizing the loss of operation for the users and loss of log data.

STIG	Date
Application Server Security Requirements Guide	2015-08-28

Details

Check Text ( C-43569r7_chk )
If the system MAC level and availability do not require redundancy, this requirement is NA. Review the system's accreditation documentation to determine system MAC and confidentiality requirements. Review application server configuration settings to determine if the application server is configured to fail over operation to another system when the log subsystem fails to operate. If the system MAC level requires redundancy and the application server is not configured to fail over to another system which can handle application and log functions when a log subsystem failure occurs, this is a finding.

Check Text ( C-43569r7_chk )

If the system MAC level and availability do not require redundancy, this requirement is NA.

Review the system's accreditation documentation to determine system MAC and confidentiality requirements. Review application server configuration settings to determine if the application server is configured to fail over operation to another system when the log subsystem fails to operate.

If the system MAC level requires redundancy and the application server is not configured to fail over to another system which can handle application and log functions when a log subsystem failure occurs, this is a finding.

Fix Text (F-39737r5_fix)
If the system MAC level and availability do not require redundancy, this requirement is NA. Configure the application server to fail over to another system which can handle log functions when the logging subsystem fails.