STIGQter: STIG Summary: Firewall Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The firewall must generate traffic log records when traffic is denied, restricted, or discarded.

DISA Rule

SV-206713r604133_rule

Vulnerability Number

V-206713

Group Title

SRG-NET-000492

Rule Version

SRG-NET-000492-FW-000006

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the firewall central audit server stanza to generate traffic log records for events when traffic is denied, restricted, or discarded.

Check Contents

View the configuration of the firewall or the central audit server log records.

Verify the firewall generates traffic log records when traffic is denied, restricted, or discarded.

If the firewall does not generate traffic log records for events when traffic is denied, restricted, or discarded, this is a finding.

Vulnerability Number

V-206713

Documentable

False

Rule Version

SRG-NET-000492-FW-000006

Severity Override Guidance

View the configuration of the firewall or the central audit server log records.

Verify the firewall generates traffic log records when traffic is denied, restricted, or discarded.

If the firewall does not generate traffic log records for events when traffic is denied, restricted, or discarded, this is a finding.

Check Content Reference

M

Target Key

2912

Comments