STIGQter: STIG Summary: IBM DataPower Network Device Management Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Oct 2017: STIGQter: STIG Summary: IBM DataPower Network Device Management Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Oct 2017:SV-79563r1_rule
V-65073
SRG-APP-000108-NDM-000232
WSDP-NM-000033
CAT II
10
A Log Target can be configured to generate notifications (e.g., SNMP, SMTP) in the event that any of these event codes are detected.
Privileged account user log on to default domain >> Administration >> Miscellaneous >> "Manage Log Targets" >> Click the "Add" button >> Name: "SystemResourcesLog” >> Target Type: Select the desired notification mechanism (e.g., SMTP) >> Configure the SMTP server, providing the requested information; Log Format: “text” >> Fixed Format: off >> Rate Limit: “100” >> Feedback Detection: on >> Identical Event Detection: off >> Click the "Event Filters" tab >> Under "Event Subscriptions", add the following event codes: 0x00330034, 0x01a40001, 0x01a30002, 0x01a30003, 0x01a40005, 0x01a30006, 0x01a30014, 0x01a30015, 0x01a30017 >> Click the "Apply" button >> Click "Save Configuration".
Administration >> Miscellaneous >> "Manage Log Targets" >> Click the appropriate log target (e.g., "SystemResourcesLog") >> Click the "Event Filters" tab >> Confirm subscriptions to the following event codes: 0x00330034, 0x01a40001, 0x01a30002, 0x01a30003, 0x01a40005, 0x01a30006, 0x01a30014, 0x01a30015, 0x01a30017. If any of these codes are not subscribed to, this is a finding.
V-65073
False
WSDP-NM-000033
Administration >> Miscellaneous >> "Manage Log Targets" >> Click the appropriate log target (e.g., "SystemResourcesLog") >> Click the "Event Filters" tab >> Confirm subscriptions to the following event codes: 0x00330034, 0x01a40001, 0x01a30002, 0x01a30003, 0x01a40005, 0x01a30006, 0x01a30014, 0x01a30015, 0x01a30017. If any of these codes are not subscribed to, this is a finding.
M
2861