STIGQter: STIG Summary: IBM DataPower Network Device Management Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Oct 2017: STIGQter: STIG Summary: IBM DataPower Network Device Management Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Oct 2017:SV-79633r1_rule
V-65143
SRG-APP-000357-NDM-000293
WSDP-NM-000095
CAT II
10
Development configuration (on-box logging):
Using the DataPower WebGUI, navigate to Objects >> Logging Configuration >> Audit Log Settings. Specify the desired Log Size, Number of Rotations, and audit level. Press Apply then Save Configuration. (Maximum available log space is approximately 50GB - less space consumed by other data on the device.)
Production configuration (off-box logging):
Using the DataPower WebGUI, navigate to Objects >> Logging Configuration >> Log Target. On the main tab, choose a Target Type, e.g., syslog-tcp, and a Log Format. Specify the remote host and port of the logging server. Enter other parameters according to your requirements, e.g., SSL security.
On the Event Subscriptions tab, add an Event Subscription. Select "audit" as the Event Category. Select a minimum Event Priority, e.g., "error. Click "Apply" >> Click "Apply" >> Click "Save Configuration". Confirm that the status of the log target is displayed as [up] alongside the Log Target heading at the top of the page.
Development configuration (on-box logging): Using the DataPower web interface, navigate to Objects >> Logging Configuration >> Audit Log Settings. Verify that the desired Log Size, Number of Rotations has resulted in "[up]" status displayed after the "Audit Log Settings" heading at the top of page. In the WebGUI, navigate to Status >> View Logs >> System Logs. Ensure the following event message is not displayed: 0x82400067 Audit log space low - using audit reserve space.
If this message appears, it is a finding.
Production configuration (off-box logging)
Using the DataPower WebGUI, navigate to Objects >> Logging Configuration >> Log Target. On the main tab, verify that the correct Target Type and Log Format are selected. Confirm that the remote host and port of an organizationally approved logging server are designated. Confirm that all additional parameters are chosen according to your requirements. Confirm that the status of the log target is displayed as [up] alongside the Log Target heading at the top of the page.
If the status is not up, this is a finding.
V-65143
False
WSDP-NM-000095
Development configuration (on-box logging): Using the DataPower web interface, navigate to Objects >> Logging Configuration >> Audit Log Settings. Verify that the desired Log Size, Number of Rotations has resulted in "[up]" status displayed after the "Audit Log Settings" heading at the top of page. In the WebGUI, navigate to Status >> View Logs >> System Logs. Ensure the following event message is not displayed: 0x82400067 Audit log space low - using audit reserve space.
If this message appears, it is a finding.
Production configuration (off-box logging)
Using the DataPower WebGUI, navigate to Objects >> Logging Configuration >> Log Target. On the main tab, verify that the correct Target Type and Log Format are selected. Confirm that the remote host and port of an organizationally approved logging server are designated. Confirm that all additional parameters are chosen according to your requirements. Confirm that the status of the log target is displayed as [up] alongside the Log Target heading at the top of the page.
If the status is not up, this is a finding.
M
2861