STIGQter: STIG Summary: Juniper SRX SG NDM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The Juniper SRX Services Gateway must generate log records when privileged commands are executed.

DISA Rule

SV-223195r513277_rule

Vulnerability Number

V-223195

Group Title

SRG-APP-000504-NDM-000321

Rule Version

JUSX-DM-000044

Severity

CAT III

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure at least one external syslog host to log facility any and severity info or any. There are multiple ways to accomplish this, the following is an example.

[edit system syslog]
set host <syslog server address> any any

Check Contents

Verify the device generates a log when login events occur.

[edit]
show system syslog

host <syslog server address> {
any any;
source-address <device address>;
}

If an external syslog host is not configured to log, or configured for facility any severity any, this is a finding.

Vulnerability Number

V-223195

Documentable

False

Rule Version

JUSX-DM-000044

Severity Override Guidance

Verify the device generates a log when login events occur.

[edit]
show system syslog

host <syslog server address> {
any any;
source-address <device address>;
}

If an external syslog host is not configured to log, or configured for facility any severity any, this is a finding.

Check Content Reference

M

Target Key

4098

Comments