UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The firewall implementation must use automated mechanisms to support auditing of the enforcement actions.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000120-FW-000075 SRG-NET-000120-FW-000075 SRG-NET-000120-FW-000075_rule Medium
Description
Changes to the hardware or software components of the firewall can have significant effects on the overall security of the network. Maintaining audit log records of access events helps to ensure change control is being implemented. Also, the log records support incident investigation.
STIG Date
Firewall Security Requirements Guide 2012-12-10

Details

Check Text ( C-SRG-NET-000120-FW-000075_chk )
Review the firewall configuration settings to verify automated mechanisms are used to support the auditing of enforcement actions taken in response to access restrictions.

If the firewall implementation does not have automated mechanisms in place for supporting the auditing of enforcement actions, this is a finding.
Fix Text (F-SRG-NET-000120-FW-000075_fix)
Enable automated mechanisms to support auditing of the enforcement actions taken in response to configured access restrictions.