STIGQter: STIG Summary: Firewall Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The firewall must be configured to send traffic log entries to a central audit server for management and configuration of the traffic log entries.

DISA Rule

SV-206699r604133_rule

Vulnerability Number

V-206699

Group Title

SRG-NET-000333

Rule Version

SRG-NET-000333-FW-000014

Severity

CAT II

CCI(s)

• CCI-001844 - The information system provides centralized management and configuration of the content to be captured in audit records generated by organization-defined information system components.

Weight

10

Fix Recommendation

Configure the firewall to ensure traffic log entries are transmitted to the organization's central audit server (e.g., syslog server).

Check Contents

Examine the traffic log configuration on the firewall.

Verify the firewall is configured to send traffic log entries to the organization's central audit server.

If the firewall is not configured to send traffic log entries to the organization's central audit server, this is a finding.

Vulnerability Number

V-206699

Documentable

False

Rule Version

SRG-NET-000333-FW-000014

Severity Override Guidance

Examine the traffic log configuration on the firewall.

Verify the firewall is configured to send traffic log entries to the organization's central audit server.

If the firewall is not configured to send traffic log entries to the organization's central audit server, this is a finding.

Check Content Reference

M

Target Key

2912

Comments