STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Jan 2016:

The DataPower Gateway must provide an immediate real-time alert to, at a minimum, the SCA and ISSO, of all audit failure events where the detection and/or prevention function is unable to write events to either local storage or the centralized server.

DISA Rule

SV-79751r1_rule

Vulnerability Number

V-65261

Group Title

SRG-NET-000335-ALG-000053

Rule Version

WSDP-AG-000091

Severity

CAT II

CCI(s)

• CCI-001858 - The information system provides a real-time alert in an organization-defined real-time period to organization-defined personnel, roles, and/or locations when organization-defined audit failure events requiring real-time alerts occur.

Weight

10

Fix Recommendation

Log Target to send all Critical log messages to the desired destination.

Search Bar “Log Target” >> Add >> Name log target name >> Target Type “SOAP” >> URL dest url

Event Subscriptions tab >> Add >> Event Category “all” >> Minimum Event Priority “critical”

Check Contents

Examine configuration of Log targets (type “Log Target” in navigation search box) to verify a target that delivers Critical messages.

If no log targets are configured, this is a finding.

Vulnerability Number

V-65261

Documentable

False

Rule Version

WSDP-AG-000091

Severity Override Guidance

Examine configuration of Log targets (type “Log Target” in navigation search box) to verify a target that delivers Critical messages.

If no log targets are configured, this is a finding.

Check Content Reference

M

Target Key

2859

Comments