STIGQter: STIG Summary: Virtual Private Network (VPN) Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The VPN Gateway must provide centralized management and configuration of the content to be captured in log records generated by all network components.

DISA Rule

SV-207233r608988_rule

Vulnerability Number

V-207233

Group Title

SRG-NET-000333

Rule Version

SRG-NET-000333-VPN-001250

Severity

CAT II

CCI(s)

• CCI-001844 - The information system provides centralized management and configuration of the content to be captured in audit records generated by organization-defined information system components.

Weight

10

Fix Recommendation

Configure the VPN Gateway to provide centralized management and configuration of the content to be captured in log records generated by all network components.

Check Contents

Verify the VPN Gateway provides centralized management and configuration of the content to be captured in log records generated by all network components.

If the VPN Gateway does not provide centralized management and configuration of the content to be captured in log records generated by all network components, this is a finding.

Vulnerability Number

V-207233

Documentable

False

Rule Version

SRG-NET-000333-VPN-001250

Severity Override Guidance

Verify the VPN Gateway provides centralized management and configuration of the content to be captured in log records generated by all network components.

If the VPN Gateway does not provide centralized management and configuration of the content to be captured in log records generated by all network components, this is a finding.

Check Content Reference

M

Target Key

2920

Comments