Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-25890 | NET1288 | SV-32503r2_rule | ECSC-1 ECTB-1 | Low |
Description |
---|
Device logs can be used for forensic analysis in support of incidents as well as to aid with normal traffic analysis. It can take numerous days to recover from a firewall outage when a proper backup scheme is not used. |
STIG | Date |
---|---|
Firewall Security Technical Implementation Guide | 2017-12-07 |
Check Text (C-32808r4_chk) |
---|
Review the device configuration to validate that timestamps are configured for logging. If timestamps are not configured for logging purposes, this is a finding. |
Fix Text (F-28925r3_fix) |
---|
Configure the network device to include timestamps on all device logs. |