STIGQter: STIG Summary: Juniper Router NDM Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 24 Jul 2020:

The Juniper router must be configured to generate an alert for all audit failure events.

DISA Rule

SV-101255r1_rule

Vulnerability Number

V-91155

Group Title

SRG-APP-000360-NDM-000295

Rule Version

JUNI-ND-000990

Severity

CAT II

CCI(s)

• CCI-001858 - The information system provides a real-time alert in an organization-defined real-time period to organization-defined personnel, roles, and/or locations when organization-defined audit failure events requiring real-time alerts occur.

Weight

10

Fix Recommendation

Configure the router to send critical to emergency log messages to the syslog server as shown in the example below.

set syslog host x.x.x.x any critical

Note: The parameter "critical" can replaced with a lesser severity level (i.e., error, warning, notice, info).

Check Contents

Review the router configuration to verify that it is compliant with this requirement as shown in the example below.

system {
syslog {
host x.x.x.x {
any critical;
}
}

Note: The parameter "critical" can be replaced with a lesser severity level (i.e., error, warning, notice, info).

If the router is not configured to generate an alert for all audit failure events, this is a finding.

Vulnerability Number

V-91155

Documentable

False

Rule Version

JUNI-ND-000990

Severity Override Guidance

Review the router configuration to verify that it is compliant with this requirement as shown in the example below.

system {
syslog {
host x.x.x.x {
any critical;
}
}

Note: The parameter "critical" can be replaced with a lesser severity level (i.e., error, warning, notice, info).

If the router is not configured to generate an alert for all audit failure events, this is a finding.

Check Content Reference

M

Target Key

3381

Comments