STIGQter: STIG Summary: CA API Gateway ALG Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 28 Apr 2017:

The CA API Gateway must off-load audit records onto a centralized log server.

DISA Rule

SV-86051r1_rule

Vulnerability Number

V-71427

Group Title

SRG-NET-000334-ALG-000050

Rule Version

CAGW-GW-000590

Severity

CAT II

CCI(s)

• CCI-001851 - The information system off-loads audit records per organization-defined frequency onto a different system or media than the system being audited.

Weight

10

Fix Recommendation

Open the CA API Gateway - Policy Manager.

Select "Tasks" and chose "Manage Log/Audit Sinks".

Double-click the "ssg" log and change the "Type:" to "Syslog".

Click "Syslog Settings" and specify the settings for the Centralized Syslog Server as defined by the organization.

Check Contents

By default, audit records are created locally on the CA API Gateway Server and will need to be configured for off-loading using the External Audit Store Wizard or by specifying to send them to a Syslog server via TCP, UDP, or SSL.

If they are not, this is a finding.

Vulnerability Number

V-71427

Documentable

False

Rule Version

CAGW-GW-000590

Severity Override Guidance

By default, audit records are created locally on the CA API Gateway Server and will need to be configured for off-loading using the External Audit Store Wizard or by specifying to send them to a Syslog server via TCP, UDP, or SSL.

If they are not, this is a finding.

Check Content Reference

M

Target Key

3049

Comments