The IAO/NSO will ensure the audit trail events are stamped with accurate date and time.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-25890 | NET1288 | SV-32503r1_rule | ECSC-1 ECTB-1 | Low |
| Description |
|---|
| The firewall logs can be used for forensic analysis in support of incident as well as to aid with normal traffic analysis. It can take numerous days to recover from a firewall outage when a proper backup scheme is not used. |
| STIG | Date |
|---|---|
| Firewall Security Technical Implementation Guide - Cisco | 2013-10-08 |
Details
| Check Text ( C-32808r1_chk ) |
|---|
| Review the active log and verify the date and time of the records is correct. |
| Fix Text (F-28925r1_fix) |
|---|
| Ensure the firewall is receiving time from the same source as other network devices are, such as the perimeter router. Verify the NTP guidance is implemented correctly. |