UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The firewall implementation must use automated mechanisms to support auditing of the enforcement actions.


Overview

Finding ID Version Rule ID IA Controls Severity
V-37115 SRG-NET-000120-FW-000070 SV-48876r1_rule Medium
Description
Changes to the hardware or software components of the firewall can have significant effects on the overall security of the network. Maintaining audit log records of access events helps to ensure change control is being implemented. Also, the log records support incident investigation.
STIG Date
Firewall Security Requirements Guide 2013-04-24

Details

Check Text ( C-45487r1_chk )
Review the firewall configuration settings to verify automated mechanisms are used to support the auditing of enforcement actions taken in response to access restrictions.

If the firewall implementation does not have automated mechanisms in place for supporting the auditing of enforcement actions, this is a finding.
Fix Text (F-42060r1_fix)
Enable automated mechanisms to support auditing of the enforcement actions taken in response to configured access restrictions.