STIGQter: STIG Summary: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide Version: 2 Release: 6 Benchmark Date: 24 Jul 2020:

The IDPS must off-load log records to a centralized log server in real-time.

DISA Rule

SV-69573r1_rule

Vulnerability Number

V-55327

Group Title

SRG-NET-000511-IDPS-00012

Rule Version

SRG-NET-000511-IDPS-00012

Severity

CAT II

CCI(s)

CCI-001851 - The information system off-loads audit records per organization-defined frequency onto a different system or media than the system being audited.

Weight

Fix Recommendation

Configure the IDPS to off-load log records to a centralized log server in real-time.

Check Contents

Verify the IDPS off-loads log records to a centralized log server in real-time.

If the IDPS does not off-load log records to a centralized log server in real-time, this is a finding.

Vulnerability Number

V-55327

Documentable

False

Rule Version

SRG-NET-000511-IDPS-00012

Severity Override Guidance

Verify the IDPS off-loads log records to a centralized log server in real-time.

If the IDPS does not off-load log records to a centralized log server in real-time, this is a finding.

Check Content Reference

Target Key

2358

The IDPS must off-load log records to a centralized log server in real-time.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments