STIGQter: STIG Summary: Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 25 Oct 2019:

Riverbed Optimization System (RiOS) must generate audit records containing the full-text recording of privileged commands.

DISA Rule

SV-77389r1_rule

Vulnerability Number

V-62899

Group Title

SRG-APP-000101-NDM-000231

Rule Version

RICX-DM-000049

Severity

CAT II

CCI(s)

• CCI-000135 - The information system generates audit records containing the organization-defined additional, more detailed information that is to be included in the audit records.

Weight

10

Fix Recommendation

Configure RiOS to generate audit records containing the full-text recording of privileged commands

Navigate to the device Management Console
Navigate to Configure >> System Settings >> Logging

Set "Minimum Severity" to "info"
Click "Apply"
Navigate to the top of the screen and click "Save"

Check Contents

Verify that RiOS is configured to generate audit records containing the full-text recording of privileged commands

Navigate to the device Management Console
Navigate to Configure >> System Settings >> Logging

Verify that "Minimum Severity" is set to "info"

If the "Minimum Severity" is not set to "info", this is a finding.

Vulnerability Number

V-62899

Documentable

False

Rule Version

RICX-DM-000049

Severity Override Guidance

Verify that RiOS is configured to generate audit records containing the full-text recording of privileged commands

Navigate to the device Management Console
Navigate to Configure >> System Settings >> Logging

Verify that "Minimum Severity" is set to "info"

If the "Minimum Severity" is not set to "info", this is a finding.

Check Content Reference

M

Target Key

2931

Comments