
The IAO/NSO will ensure that alarms are categorized by severity using the following guidelines:

- Critical and major alarms are given when a condition that affects service has arisen. For a critical alarm, steps must be taken immediately in order to restore the service that has been lost completely.
- A major alarm indicates that steps must be taken as soon as possible because the affected service has degraded drastically and is in danger of being lost completely.
- A minor alarm indicates a problem that does not yet affect service, but may do so if the problem is not corrected.
- A warning alarm is used to signal a potential problem that may affect service.
- An indeterminate alarm is one that requires human intervention to decide its severity.


Overview

Finding ID: V-3047
Version: NET1720
Rule ID: SV-3047r1_rule
IA Controls: ECSC-1
Severity: Low
Description
Without the proper categories of severity levels being defined on the NMS, outages or attacks may not be responded to in order of criticality. If a critical attack or outage is not responded to first, there will be a delay in fixing the problem, which may cause network outages to last longer than necessary or expose the network to larger, more extensive attacks or outages.
STIG: Network Devices Security Technical Implementation Guide
Date: 2018-11-27

Details

Check Text (C-3827r1_chk)
Request that the network engineer demonstrate the alert capabilities.
Fix Text (F-3072r1_fix)
The NSO will ensure that the NMS security alarm severity levels are configured as critical, major, minor, warning and indeterminate.