UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The firewall implementation must produce application log records containing sufficient information to establish where the events occurred.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-999999-FW-000190 SRG-NET-999999-FW-000190 SRG-NET-999999-FW-000190_rule Low
Description
Logging network location information for each detected event provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured firewall. In order to establish and correlate the series of events leading up to an outage or attack, it is imperative the source or object of the log record is recorded in all log records.
STIG Date
Firewall Security Requirements Guide 2012-12-10

Details

Check Text ( C-SRG-NET-999999-FW-000190_chk )
Examine the aggregated firewall application log on the management console.
View entries for several alerts.
Verify the events in the logs show the location of each event (e.g., network name, network subnet, network segment, or organization).

If the firewall implementation event log records do not include the event location, this is a finding.
Fix Text (F-SRG-NET-999999-FW-000190_fix)
Configure the firewall implementation to capture the location of each event (e.g., network name, network subnet, network segment, or organization).