STIGQter: STIG Summary: Firewall Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The firewall must generate traffic log entries containing information to establish when (date and time) the events occurred.

DISA Rule

SV-206679r604133_rule

Vulnerability Number

V-206679

Group Title

SRG-NET-000075

Rule Version

SRG-NET-000075-FW-000010

Severity

CAT II

CCI(s)

• CCI-000131 - The information system generates audit records containing information that establishes when an event occurred.

Weight

10

Fix Recommendation

Configure the firewall to ensure entries sent to the traffic log include the date and time of the event.

Check Contents

Examine the traffic log configuration on the firewall or view several alert events on the organization's central audit server.

Verify the entries sent to the traffic log include the date and time of each event.

If the traffic log entries do not include the date and time the event occurred, this is a finding.

Vulnerability Number

V-206679

Documentable

False

Rule Version

SRG-NET-000075-FW-000010

Severity Override Guidance

Examine the traffic log configuration on the firewall or view several alert events on the organization's central audit server.

Verify the entries sent to the traffic log include the date and time of each event.

If the traffic log entries do not include the date and time the event occurred, this is a finding.

Check Content Reference

M

Target Key

2912

Comments