STIGQter: STIG Summary: Virtual Private Network (VPN) Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

When communications with the Central Log Server is lost, the VPN Gateway must continue to queue traffic log records locally.

DISA Rule

SV-207236r608988_rule

Vulnerability Number

V-207236

Group Title

SRG-NET-000336

Rule Version

SRG-NET-000336-VPN-001280

Severity

CAT II

CCI(s)

• CCI-001861 - The information system invokes an organization-defined system mode, in the event of organization-defined audit failures, unless an alternate audit capability exists.

Weight

10

Fix Recommendation

Configure the VPN Gateway to continue to queue traffic log records locally when communications with the Central Log Server is lost.

Check Contents

Verify that in the event that communications with the Central Log Server is lost, the VPN Gateway is configured to continue to queue traffic log records locally.

If the VPN Gateway does not continue to queue traffic log records locally when communications with the Central Log Server is lost, this is a finding.

Vulnerability Number

V-207236

Documentable

False

Rule Version

SRG-NET-000336-VPN-001280

Severity Override Guidance

Verify that in the event that communications with the Central Log Server is lost, the VPN Gateway is configured to continue to queue traffic log records locally.

If the VPN Gateway does not continue to queue traffic log records locally when communications with the Central Log Server is lost, this is a finding.

Check Content Reference

M

Target Key

2920

Comments