The network element must monitor and control traffic at both the external and internal boundary interfaces.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-27427	SRG-NET-000205	SV-34736r1_rule		Medium

Description
Audit logs are necessary to provide a trail of evidence in case the network is compromised. With this information, the network administrator can devise ways to block the attack and possibly identify and prosecute the attacker. Information supplied by log data is used for forensic analysis in support of incident as well as to aid with normal traffic analysis. It is imperative all inbound and outbound blocked traffic be logged.

Description

Audit logs are necessary to provide a trail of evidence in case the network is compromised. With this information, the network administrator can devise ways to block the attack and possibly identify and prosecute the attacker. Information supplied by log data is used for forensic analysis in support of incident as well as to aid with normal traffic analysis. It is imperative all inbound and outbound blocked traffic be logged.

STIG	Date
Network Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None