Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-25890 | NET1288 | SV-32503r1_rule | ECSC-1 ECTB-1 | Low |
Description |
---|
The firewall logs can be used for forensic analysis in support of incident as well as to aid with normal traffic analysis. It can take numerous days to recover from a firewall outage when a proper backup scheme is not used. |
STIG | Date |
---|---|
Firewall Security Technical Implementation Guide - Cisco | 2013-10-08 |
Check Text ( C-32808r1_chk ) |
---|
Review the active log and verify the date and time of the records is correct. |
Fix Text (F-28925r1_fix) |
---|
Ensure the firewall is receiving time from the same source as other network devices are, such as the perimeter router. Verify the NTP guidance is implemented correctly. |