Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-79487 | SRG-NET-000113-FW-000005 | SV-94193r1_rule | Low |
Description |
---|
The generation of logs with a subset of criteria aide the system administrator, maintainers, and auditors when troubleshooting issues or reviewing the log for trends or security breaches. Traffic log records can be generated from various components within the information system (e.g., network interface, access control list, or filter). The DoD list of auditable events include the logging and audit requirements required by this document and any additional local requirements. |
STIG | Date |
---|---|
Firewall Security Requirements Guide | 2019-06-28 |
Check Text ( C-79111r1_chk ) |
---|
Obtain a list of required auditable events from the site representative or the System Security Plan (SSP). View the firewall configuration. Verify the firewall allows the system administrator to select a subset of DoD-required auditable events. If the firewall is not configured to allow the system administrator to select a subset of DoD-required events, this is a finding. |
Fix Text (F-86261r1_fix) |
---|
Configure the firewall audit management functions to allow the authorized system administrator to select from a list of auditable events, to include the firewall's network interfaces, rules, and policies. |