STIGQter: STIG Summary: Virtual Private Network (VPN) Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The VPN Gateway must generate log records when successful and/or unsuccessful VPN connection attempts occur.

DISA Rule

SV-207248r608988_rule

Vulnerability Number

V-207248

Group Title

SRG-NET-000492

Rule Version

SRG-NET-000492-VPN-001980

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the VPN Gateway to generate log records when successful and/or unsuccessful VPN connection attempts occur.

Check Contents

Verify the VPN Gateway generates log records when successful and/or unsuccessful VPN connection attempts occur.

If the VPN Gateway does not generate log records when successful and/or unsuccessful VPN connection attempts occur, this is a finding.

Vulnerability Number

V-207248

Documentable

False

Rule Version

SRG-NET-000492-VPN-001980

Severity Override Guidance

Verify the VPN Gateway generates log records when successful and/or unsuccessful VPN connection attempts occur.

If the VPN Gateway does not generate log records when successful and/or unsuccessful VPN connection attempts occur, this is a finding.

Check Content Reference

M

Target Key

2920

Comments