Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Arista Multilayer Switch must, at a minimum, off-load audit records for interconnected systems in real time.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-60881 | AMLS-NM-000400 | SV-75339r1_rule | Medium |
| Description |
|---|
| Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. |
| STIG | Date |
|---|---|
| Arista MLS DCS-7000 Series NDM Security Technical Implementation Guide | 2016-03-29 |
Details
| Check Text ( C-61829r1_chk ) |
|---|
| Check the network device configuration to determine if the device off-loads audit records onto a different system or media than the system being audited. If the device does not off-load audit records onto a different system or media, this is a finding. Review the configuration for the "logging host [a.b.c.d]" statement. Execute a "show logging" to verify logging host status. |
| Fix Text (F-66593r1_fix) |
|---|
| Configure the network device to off-load interconnected systems in real time and off-load standalone systems weekly. Arista EOS logs can be exported to, including by a regular syslog server. Configuration Example: switch(config)#logging host[ a.b.c.d] switch(config)#logging trap informational |