UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited.


Overview

Finding ID Version Rule ID IA Controls Severity
V-94679 SYMP-NM-000140 SV-104509r1_rule Medium
Description
Protection of log data includes assuring log data is not accidentally lost or deleted. Regularly backing up audit records to a different system or onto separate media than the system being audited helps to assure, in the event of a catastrophic system failure, the audit records will be retained. This helps to ensure a compromise of the information system being audited does not also result in a compromise of the audit records.
STIG Date
Symantec ProxySG NDM Security Technical Implementation Guide 2019-05-21

Details

Check Text ( C-93869r1_chk )
Verify event logging to a remote events collection server is configured in order to send event logs to a different system.

1. Log on to the Web Management Console.
2. Click Maintenance >> Event Logging >> Syslog.
3. Confirm that "Syslog" is "Enabled" and a syslog server is specified.

If Symantec ProxySG does not back up event logs onto a different system or system component than the system or component being audited, this is a finding.
Fix Text (F-100797r1_fix)
Configure event logging to a remote events server to ensure that event logs are recorded on a different system.

To configure Syslog:
1. Log on to the Web Management Console.
2. Click Maintenance >> Event Logging >> Syslog.
3. Enter the IP address or name of a syslog server, click "OK".
4. Repeat step 3 for any additional syslog servers.
5. Click "Apply".