STIGQter: STIG Summary: DBN-6300 IDPS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017: STIGQter: STIG Summary: DBN-6300 IDPS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:SV-79511r1_rule
V-65021
SRG-NET-000390-IDPS-00212
DBNW-IP-000050
CAT II
10
Configure the DBN-6300 with syslog output to the SIEM.
Navigate to the "Admin" tab.
Click on "External Service Settings" button.
Enter the centralized event management system IP address and port number.
Click on the "Commit" button to start the process.
Configure a database for SQL injection protection for continuous protection.
Enable the SQL injection detection capabilities on the applicable interface for the database to be protected.
Navigate to Admin >> Capture >> Capture Sources.
Select the interface connected the network that contains the database traffic.
Click on the "Enable" button and ensure the Link up indicator turns green.
View the organization's documentation to determine which databases are required to be protected.
Ask the site representative if the device is used continuously or if periodic monitoring is performed.
Navigate to Learning >> Time Regions and view the table of detected databases.
For each database requiring protection, view the "State". Unprotected databases show a red shield. Protected databases show a green shield.
If continuous monitoring is not performed by the organization, this is a finding.
V-65021
False
DBNW-IP-000050
View the organization's documentation to determine which databases are required to be protected.
Ask the site representative if the device is used continuously or if periodic monitoring is performed.
Navigate to Learning >> Time Regions and view the table of detected databases.
For each database requiring protection, view the "State". Unprotected databases show a red shield. Protected databases show a green shield.
If continuous monitoring is not performed by the organization, this is a finding.
M
2949