The firewall implementation must use automated mechanisms to support auditing of the enforcement actions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-37115 | SRG-NET-000120-FW-000070 | SV-48876r1_rule | Medium |
| Description |
|---|
| Changes to the hardware or software components of the firewall can have significant effects on the overall security of the network. Maintaining audit log records of access events helps to ensure change control is being implemented. Also, the log records support incident investigation. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2013-04-24 |
Details
| Check Text ( C-45487r1_chk ) |
|---|
| Review the firewall configuration settings to verify automated mechanisms are used to support the auditing of enforcement actions taken in response to access restrictions. If the firewall implementation does not have automated mechanisms in place for supporting the auditing of enforcement actions, this is a finding. |
| Fix Text (F-42060r1_fix) |
|---|
| Enable automated mechanisms to support auditing of the enforcement actions taken in response to configured access restrictions. |