STIGQter STIGQter: STIG Summary: Symantec ProxySG NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

Symantec ProxySG must generate an alert to the console when a log processing failure is detected such as loss of communications with the Central Log Server or log records are no longer being sent.

DISA Rule

SV-104499r1_rule

Vulnerability Number

V-94669

Group Title

SRG-APP-000360-NDM-000295

Rule Version

SYMP-NM-000090

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure the ProxySG to send notifications.

1. Log on to the Web Management Console.
2. Click Maintenance >> Events Logging.
3. Select "Severe".
4. Select the "Mail" tab and enter the email address to receive the email alert.
5. Click "Apply".

Check Contents

Verify the Symantec ProxySG is configured to send alerts when event logging fails.

1. Log on to the Web Management Console.
2. Click Maintenance >> Events Logging.
3. Confirm that "Severe" is checked.
4. Select the "Mail" tab and confirm an email address of an administrator is entered.

If Symantec ProxySG does not generate an alert to the console when a log processing failure is detected such as loss of communications with the Central Log Server or log records are no longer being sent, this is a finding.

Vulnerability Number

V-94669

Documentable

False

Rule Version

SYMP-NM-000090

Severity Override Guidance

Verify the Symantec ProxySG is configured to send alerts when event logging fails.

1. Log on to the Web Management Console.
2. Click Maintenance >> Events Logging.
3. Confirm that "Severe" is checked.
4. Select the "Mail" tab and confirm an email address of an administrator is entered.

If Symantec ProxySG does not generate an alert to the console when a log processing failure is detected such as loss of communications with the Central Log Server or log records are no longer being sent, this is a finding.

Check Content Reference

M

Target Key

3517

Comments