| Identifying destination domain address for information flows within the network allows forensic reconstruction of events when required, and increases policy compliance by attributing policy violations to specific individuals. Means to enforce this enhancement include ensuring the network device distinguishes between information systems and organizations, and between specific system components or individuals involved in sending and receiving information.
Examples of information transfer for the network device are communications with the router, IPS, or central logging server. Without unique identifiers, the audit records of these information transfers would not be useful when tracking possible violations. This requirement is applicable to specific devices and does not involve the management of a network device. |
