STIGQter: STIG Summary: Symantec ProxySG NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

Symantec ProxySG must enable event access logging.

DISA Rule

SV-104495r1_rule

Vulnerability Number

V-94665

Group Title

SRG-APP-000089-NDM-000221

Rule Version

SYMP-NM-000070

Severity

CAT II

CCI(s)

• CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.

Weight

10

Fix Recommendation

Event access logging is enabled by default. In order to enable audit logging, both "Event Logging" and "Admin Access Layer" logging must be configured. All information is always logged, but a display filter can be set to view a subset of the information.

1. Log on to the Web Management Console.
2. Click Maintenance >> Event Logging and ensure that the log level is set to at least "Configuration Events".

Check Contents

Verify event access logging is enabled.

1. Log on to the Web Management Console.
2. Click Maintenance >> Event Logging and ensure that the log level is set to at least "Configuration Events".

If event access logging is not enabled, this is a finding.

Vulnerability Number

V-94665

Documentable

False

Rule Version

SYMP-NM-000070

Severity Override Guidance

Verify event access logging is enabled.

1. Log on to the Web Management Console.
2. Click Maintenance >> Event Logging and ensure that the log level is set to at least "Configuration Events".

If event access logging is not enabled, this is a finding.

Check Content Reference

M

Target Key

3517

Comments