STIGQter: STIG Summary: Arista MLS DCS-7000 Series NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 25 Oct 2019:

The Arista Multilayer Switch must generate audit records when concurrent logons from different workstations occur.

DISA Rule

SV-75335r1_rule

Vulnerability Number

V-60877

Group Title

SRG-APP-000506-NDM-000323

Rule Version

AMLS-NM-000380

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the network device to generate audit records when concurrent logons from different workstations occur.

Enable logging level 6 to ensure this event is captured.

Switch(config)#logging trap 6
switch(config)#logging level all 6

Check Contents

Determine if the network device generates audit records when concurrent logons from different workstations occur.

If the network device does not generate audit records when concurrent logons from different workstations occur, this is a finding.

Verify by reviewing log files to show concurrent logons to the system via the "Show Logging" command.

Vulnerability Number

V-60877

Documentable

False

Rule Version

AMLS-NM-000380

Severity Override Guidance

Determine if the network device generates audit records when concurrent logons from different workstations occur.

If the network device does not generate audit records when concurrent logons from different workstations occur, this is a finding.

Verify by reviewing log files to show concurrent logons to the system via the "Show Logging" command.

Check Content Reference

M

Target Key

2825

Comments