STIGQter: STIG Summary: CA API Gateway ALG Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 28 Apr 2017:

The CA API Gateway must off-load audit records onto a centralized log server in real time.

DISA Rule

SV-86113r1_rule

Vulnerability Number

V-71489

Group Title

SRG-NET-000511-ALG-000051

Rule Version

CAGW-GW-000910

Severity

CAT II

CCI(s)

• CCI-001851 - The information system off-loads audit records per organization-defined frequency onto a different system or media than the system being audited.

Weight

10

Fix Recommendation

Open the CA API Gateway - Policy Manager.

Select "Tasks" and chose "Manage Log/Audit Sinks".

Double-click the "ssg" log and change the "Type:" to "Syslog".

Click "Syslog Settings" and specify the settings for the Centralized Syslog Server as defined by the organization.

Check Contents

Open the CA API Gateway - Policy Manager.

Select "Tasks" and chose "Manage Log/Audit Sinks".

Confirm the "ssg" log type is "Syslog". Click "Syslog Settings" and verify the settings for the Centralized Syslog Server are set as defined by the organization.

If the log type is not "Syslog", this is a finding.

If the centralized syslog server settings are not set as defined by the organization, this is a finding.

Vulnerability Number

V-71489

Documentable

False

Rule Version

CAGW-GW-000910

Severity Override Guidance

Open the CA API Gateway - Policy Manager.

Select "Tasks" and chose "Manage Log/Audit Sinks".

Confirm the "ssg" log type is "Syslog". Click "Syslog Settings" and verify the settings for the Centralized Syslog Server are set as defined by the organization.

If the log type is not "Syslog", this is a finding.

If the centralized syslog server settings are not set as defined by the organization, this is a finding.

Check Content Reference

M

Target Key

3049

Comments