UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The firewall implementation must use cryptography to protect the integrity of audit tools.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000107-FW-000068 SRG-NET-000107-FW-000068 SRG-NET-000107-FW-000068_rule Low
Description
Audit tools provide services, such as audit reduction, reporting, and analysis. Without mechanisms, such as a signed hash using asymmetric cryptography, the integrity of these audit tools used for audit reduction and reporting, as well as the collected data garnered from them, is not fully protected. Audit tools integrated into the firewall implementation must use cryptographic mechanisms to protect and store audit information transmitted or stored by these tools.
STIG Date
Firewall Security Requirements Guide 2012-12-10

Details

Check Text ( C-SRG-NET-000107-FW-000068_chk )
If audit tools are not installed on the firewall, this is not a finding.

Examine the configuration of audit tools installed on the firewall.
Verify the cryptographic module is configured to use an asymmetric hashing algorithm which uses asymmetric cryptography (e.g., SHA-2 or MD5) for audit tools.

If audit tools installed on the firewall are not configured to use hashing algorithms which use asymmetric cryptography, this is a finding.
Fix Text (F-SRG-NET-000107-FW-000068_fix)
Configure audit tools installed on the firewall/server to use hashing algorithms which use asymmetric cryptography.