Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The firewall implementation must make alarm messages identifying a security violation accessible to authorized personnel.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000335-FW-000217 | SRG-NET-000335-FW-000217 | SRG-NET-000335-FW-000217_rule | Medium |
| Description |
|---|
| It is essential for security personnel to know what is being done, what was attempted, where it was done, when it was done, and by whom it was done in order to compile an accurate risk assessment. The relevant audit information must be available to administrators. The log records/alerts associated with a security violation must be accessible by authorized personnel so they can readily view them and take appropriate action based on the contents of the alert. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2014-07-07 |
Details
| Check Text ( C-SRG-NET-000335-FW-000217_chk ) |
|---|
| Check the file permissions of the log records; if they do not allow System Administrators and other authorized personnel to view them, this is a finding. |
| Fix Text (F-SRG-NET-000335-FW-000217_fix) |
|---|
| Set the file permissions of log records to allow read access by authorized personnel. |