STIGQter STIGQter: STIG Summary: DBN-6300 IDPS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

The DBN-6300 must support centralized management and configuration of the content captured in audit records generated by all DBN-6300 components.

DISA Rule

SV-79505r1_rule

Vulnerability Number

V-65015

Group Title

SRG-NET-000333-IDPS-00190

Rule Version

DBNW-IP-000038

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the DBN-6300 with syslog output to the SIEM.

Navigate to the "Admin" tab.

Click on the "External Service Settings" button.

Enter the centralized event management system IP address and port number.

Click on the "Commit" button to start the process.

Check Contents

Verify integration with a network-wide monitoring capability.

Obtain the IP address and port number for the centralized event management system (e.g., SIEM) from site personnel.

Navigate to the "Admin" tab.

Click on the "External Service Settings" button.

Verify the IP address and port number for the centralized event management system are implemented.

If the DBN-6300 is not configured to send syslog information to a centralized event management system that manages the DBN-6300 network-wide monitoring capability, this is a finding.

Vulnerability Number

V-65015

Documentable

False

Rule Version

DBNW-IP-000038

Severity Override Guidance

Verify integration with a network-wide monitoring capability.

Obtain the IP address and port number for the centralized event management system (e.g., SIEM) from site personnel.

Navigate to the "Admin" tab.

Click on the "External Service Settings" button.

Verify the IP address and port number for the centralized event management system are implemented.

If the DBN-6300 is not configured to send syslog information to a centralized event management system that manages the DBN-6300 network-wide monitoring capability, this is a finding.

Check Content Reference

M

Target Key

2949

Comments