Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-25891 | NET1289 | SV-32504r1_rule | ECSC-1 ECTB-1 | Low |
Description |
---|
The firewall logs can be used for forensic analysis in support of incident as well as to aid with normal traffic analysis. |
STIG | Date |
---|---|
Firewall Security Technical Implementation Guide | 2013-10-08 |
Check Text ( C-32809r1_chk ) |
---|
Review the active firewall logs and verify the source IP, destination IP, port, protocol used and action taken are recorded fields in the event record.. |
Fix Text (F-28929r1_fix) |
---|
Ensure the firewall logs are receiving source IP, destination IP, port, protocol used and action taken. |