Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The firewall implementation must backup application log records at an organizationally defined frequency onto a different system or media.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-999999-FW-000203 | SRG-NET-999999-FW-000203 | SRG-NET-999999-FW-000203_rule | Low |
| Description |
|---|
| Firewall application event logging is a key component of any security architecture. An attack may cause corruption or delete the active events log. Maintaining a backup of the logs will minimize the loss of data needed for incident investigation, forensics analysis, or operational trend analysis. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2012-12-10 |
Details
| Check Text ( C-SRG-NET-999999-FW-000203_chk ) |
|---|
| Verify the firewall implementation is included in the site backup plan. Verify files are periodically backed-up in accordance with an organizationally defined schedule. Verify the backup job is scheduled to perform automatically without system administrator intervention. Verify the backup is configured to a different system or off-line media. If the firewall implementation is not configured to backup log records at an organizationally defined frequency onto a different system or media, this is a finding. |
| Fix Text (F-SRG-NET-999999-FW-000203_fix) |
|---|
| Configure a backup job to automatically backup the configuration files for all firewalls periodically on a schedule identified by the DAA or designated representative. Verify the backup is configured to direct the log files to a different system or off-line media. |