Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The BIG-IP appliance must be configured to use automated mechanisms to alert security personnel to threats identified by authoritative sources (e.g., CTOs) and IAW with CJCSM 6510.01B.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-60225 | F5BI-DM-000263 | SV-74655r1_rule | Medium |
| Description |
|---|
| By immediately displaying an alarm message, potential security violations can be identified more quickly even when administrators are not logged onto the network device. An example of a mechanism to facilitate this would be through the utilization of SNMP traps. |
| STIG | Date |
|---|---|
| F5 BIG-IP Device Management 11.x Security Technical Implementation Guide | 2019-10-01 |
Details
| Check Text ( C-61153r1_chk ) |
|---|
| Verify the BIG-IP appliance is configured to use automated mechanisms to alert security personnel to threats identified by authoritative sources (e.g., CTOs) and IAW with CJCSM 6510.01B. Navigate to the BIG-IP System manager >> System >> Logs >> Configuration >> Log Destinations. Verify a log destination is configured for a CNDSP or other mechanism that is monitored by security personnel. If the BIG-IP appliance is not configured to use automated mechanisms to alert security personnel to threats identified by authoritative sources (e.g., CTOs) and IAW with CJCSM 6510.01B, this is a finding. |
| Fix Text (F-65841r1_fix) |
|---|
| Configure the BIG-IP appliance to use automated mechanisms to alert security personnel to threats identified by authoritative sources (e.g., CTOs) and IAW with CJCSM 6510.01B. |