UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The firewall must be configured to allow the system administrator to select a subset of DoD-required auditable events.


Overview

Finding ID Version Rule ID IA Controls Severity
V-79487 SRG-NET-000113-FW-000005 SV-94193r1_rule Low
Description
The generation of logs with a subset of criteria aide the system administrator, maintainers, and auditors when troubleshooting issues or reviewing the log for trends or security breaches. Traffic log records can be generated from various components within the information system (e.g., network interface, access control list, or filter). The DoD list of auditable events include the logging and audit requirements required by this document and any additional local requirements.
STIG Date
Firewall Security Requirements Guide 2018-09-13

Details

Check Text ( C-79111r1_chk )
Obtain a list of required auditable events from the site representative or the System Security Plan (SSP). View the firewall configuration. Verify the firewall allows the system administrator to select a subset of DoD-required auditable events.

If the firewall is not configured to allow the system administrator to select a subset of DoD-required events, this is a finding.
Fix Text (F-86261r1_fix)
Configure the firewall audit management functions to allow the authorized system administrator to select from a list of auditable events, to include the firewall's network interfaces, rules, and policies.