STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 10 May 2018

The Bromium monitoring module installed on the Bromium Enterprise Controller (BEC) or Bromium vSentry must generate an event and forward to the central log server when anomalies in the operation of security functions of the BEC or Bromium vSentry application are discovered.

DISA Rule

SV-95175r1_rule

Vulnerability Number

V-80471

Group Title

SRG-APP-000474

Rule Version

BROM-00-001155

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

The BEC administrator must work with the site administrator to forward contents of "worker.log" and "default.log" to a central log server in real time.

1. Automatically forward all contents of "worker.log" and "default.log" to the site's centralized log server in real time.
2. Install the file monitoring agent that is provided by the site's central log server (e.g., syslog, SIEM) and configure it to monitor and forward "worker.log" and "default.log" (e.g., C:\Program Data\Bromium\BMS\Logs\default.log).

Note: Follow the instructions included with the event server.

Check Contents

Ask the site representatives if they have developed and implemented a solution for forwarding the contents of "worker.log" and "default.log" to a central log server.

If the BEC and Bromium vSentry do not generate an event and forward it to the events server when anomalies in the operation of security functions of the BEC or Bromium vSentry application are discovered, this is a finding.

Documentable

False

Severity Override Guidance

Ask the site representatives if they have developed and implemented a solution for forwarding the contents of "worker.log" and "default.log" to a central log server.

If the BEC and Bromium vSentry do not generate an event and forward it to the events server when anomalies in the operation of security functions of the BEC or Bromium vSentry application are discovered, this is a finding.

Check Content Reference

M

Target Key

3375

Comments