STIGQter: STIG Summary: Juniper SRX SG NDM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The Juniper SRX Services Gateway must generate a log event when privileged commands are executed.

DISA Rule

SV-223187r513256_rule

Vulnerability Number

V-223187

Group Title

SRG-APP-000343-NDM-000289

Rule Version

JUSX-DM-000029

Severity

CAT III

CCI(s)

• CCI-002234 - The information system audits the execution of privileged functions.

Weight

10

Fix Recommendation

Along with the other commands that constitute a complete DoD syslog configuration, the following command must be ensure privileged commands are sent to the Syslog Server.

[edit]
set system syslog host <IP-syslog-server> any any

Check Contents

Verify the device generates a log event when privileged commands are executed.

[edit]
show system syslog

If a valid syslog host server and the syslog file names are not configured to capture "any" facility and "any" event, this is a finding.

Vulnerability Number

V-223187

Documentable

False

Rule Version

JUSX-DM-000029

Severity Override Guidance

Verify the device generates a log event when privileged commands are executed.

[edit]
show system syslog

If a valid syslog host server and the syslog file names are not configured to capture "any" facility and "any" event, this is a finding.

Check Content Reference

M

Target Key

4098

Comments