STIGQter STIGQter: STIG Summary: DBN-6300 IDPS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

The DBN-6300 must integrate with a network-wide monitoring capability.

DISA Rule

SV-79509r1_rule

Vulnerability Number

V-65019

Group Title

SRG-NET-000383-IDPS-00208

Rule Version

DBNW-IP-000046

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the DBN-6300 with syslog output to the SIEM.

Navigate to the "Admin" tab.

Click on the "External Service Settings" button.

Enter the centralized event management system IP address and port number.

Click on the "Commit" button to start the process.

Check Contents

Verify integration with a network-wide monitoring capability.

Obtain the IP address and port number for the centralized event management system (e.g., SIEM) from site personnel.

Navigate to the "Admin" tab.

Click on the "External Service Settings" button.

Verify the IP address and port number for the centralized event management system are implemented.

If the DBN-6300 is not configured to send syslog information to a centralized event management system that manages the DBN-6300 network-wide monitoring capability, this is a finding.

Vulnerability Number

V-65019

Documentable

False

Rule Version

DBNW-IP-000046

Severity Override Guidance

Verify integration with a network-wide monitoring capability.

Obtain the IP address and port number for the centralized event management system (e.g., SIEM) from site personnel.

Navigate to the "Admin" tab.

Click on the "External Service Settings" button.

Verify the IP address and port number for the centralized event management system are implemented.

If the DBN-6300 is not configured to send syslog information to a centralized event management system that manages the DBN-6300 network-wide monitoring capability, this is a finding.

Check Content Reference

M

Target Key

2949

Comments