STIGQter: STIG Summary: Juniper SRX SG NDM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The Juniper SRX Services Gateway must generate an alarm or send an alert message to the management console when a component failure is detected.

DISA Rule

SV-229028r518262_rule

Vulnerability Number

V-229028

Group Title

SRG-APP-000516-NDM-000317

Rule Version

JUSX-DM-000106

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-000372 - The organization employs automated mechanisms to centrally verify configuration settings for organization-defined information system components.

Weight

10

Fix Recommendation

The following commands configure syslog to immediately display any emergency level or daemon alert events to the management console. The message will display on any currently logged on administrator's console.

[edit]
set system syslog user * any emergency
set system syslog user * daemon critical
set system syslog user * daemon alert

Check Contents

Verify the system Syslog has been configured to display an alert on the console for the emergency and critical levels of the daemon facility.

[edit]
show system syslog

If the system is not configured to generate a system alert message when a component failure is detected, this is a finding.

Vulnerability Number

V-229028

Documentable

False

Rule Version

JUSX-DM-000106

Severity Override Guidance

Verify the system Syslog has been configured to display an alert on the console for the emergency and critical levels of the daemon facility.

[edit]
show system syslog

If the system is not configured to generate a system alert message when a component failure is detected, this is a finding.

Check Content Reference

M

Target Key

4098

Comments