Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IDPS must use internal system clocks to generate timestamps for sensor event records.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34570 | SRG-NET-999999-IDPS-00230 | SV-45424r1_rule | Low |
| Description |
|---|
| Sensor event logging is a key component of any security architecture. Logging the actions of specific events provides a means to investigate an attack, recognize resource utilization or capacity thresholds, or to simply identify an improperly configured IDPS. In order to determine what is happening within the network infrastructure or to resolve and trace an attack, it is imperative to correlate the log data from the IDPS to acquire a clear understanding as to what happened or is happening. In order to correlate, timestamps are needed on all of the log records. |
| STIG | Date |
|---|---|
| Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide | 2012-11-19 |
Details
| Check Text ( C-42773r1_chk ) |
|---|
| Inspect each sensor. Verify the sensors are configured to use the internal system clock to generate the date/timestamp included with the event log entry. If the system is not configured to use internal system clocks to generate timestamps for sensor event records, this is a finding. |
| Fix Text (F-38821r1_fix) |
|---|
| For each sensor, configure the device to use the internal system clock to generate the date/timestamp included with the event log entry. |