STIGQter: STIG Summary: Cisco NX-OS Switch NDM Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The Cisco switch must be configured to send log data to a central log server for the purpose of forwarding alerts to the administrators and the ISSO.

DISA Rule

SV-220516r604141_rule

Vulnerability Number

V-220516

Group Title

SRG-APP-000516-NDM-000350

Rule Version

CISC-ND-001450

Severity

CAT I

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the switch to send log messages to the syslog server as shown in the example below:

SW4(config)# logging server 10.1.48.10 6

Check Contents

Verify that the switch is configured to send logs to a syslog server. The configuration should look similar to the example below:

logging server 10.1.48.10 6

If the switch is not configured to send log data to the syslog server, this is a finding.

Vulnerability Number

V-220516

Documentable

False

Rule Version

CISC-ND-001450

Severity Override Guidance

Verify that the switch is configured to send logs to a syslog server. The configuration should look similar to the example below:

logging server 10.1.48.10 6

If the switch is not configured to send log data to the syslog server, this is a finding.

Check Content Reference

M

Target Key

4066

Comments