STIGQter STIGQter: STIG Summary: Infoblox 7.x DNS Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The Infoblox system audit records must be backed up at least every seven days onto a different system or system component than the system or component being audited.

DISA Rule

SV-214162r612370_rule

Vulnerability Number

V-214162

Group Title

SRG-APP-000125-DNS-000012

Rule Version

IDNS-7X-000120

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Navigate to Grid >> Grid Manager >> Grid Properties >> Monitoring tab.

Enable "Log to External Syslog Servers" and configure an "External Syslog Server".
Review Infoblox audit records on the remote SYSLOG server to validate operation.
When complete, click "Save & Close" to save the changes and exit the "Properties" screen.

Perform a service restart if necessary.

Check Contents

Navigate to Grid >> Grid Manager >> Grid Properties >> Monitoring tab.

If "Log to External Syslog Servers" is enabled, an External Syslog Server must be configured.

If no external SYSLOG server is available verify local procedure to retain audit logs. Logs can be downloaded by navigation to Administration >> Logs >> Audit Log tab and pressing the "Download" button.

When complete, click "Cancel" to exit the "Properties" screen.

If neither an external SYSLOG server is configured, or a local policy is in place to store audit logs, this is a finding.

Vulnerability Number

V-214162

Documentable

False

Rule Version

IDNS-7X-000120

Severity Override Guidance

Navigate to Grid >> Grid Manager >> Grid Properties >> Monitoring tab.

If "Log to External Syslog Servers" is enabled, an External Syslog Server must be configured.

If no external SYSLOG server is available verify local procedure to retain audit logs. Logs can be downloaded by navigation to Administration >> Logs >> Audit Log tab and pressing the "Download" button.

When complete, click "Cancel" to exit the "Properties" screen.

If neither an external SYSLOG server is configured, or a local policy is in place to store audit logs, this is a finding.

Check Content Reference

M

Target Key

3995

Comments