STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

A centralized syslog server must be deployed in the management network.

DISA Rule

SV-8546r2_rule

Vulnerability Number

V-8060

Group Title

A centralized syslog server has not been deployed.

Rule Version

NET1025

Severity

CAT III

CCI(s)

• CCI-001575 - The organization defines the system or system component for storing audit records that is a different system or system component than the system or component being audited.

Weight

10

Fix Recommendation

Stand up a syslog server and connect it to the management network. Configure all managed network elements to send syslog data to the syslog server.

Check Contents

Review the network topology and verify that a syslog server is located within the management network. Note the IP address as documented on the management network topology and verify that this is what is configured on the network elements as the host device for sending syslog data.

If a centralized syslog server has not been deployed in the management network, this is a finding.

Vulnerability Number

V-8060

Documentable

False

Rule Version

NET1025

Severity Override Guidance

Review the network topology and verify that a syslog server is located within the management network. Note the IP address as documented on the management network topology and verify that this is what is configured on the network elements as the host device for sending syslog data.

If a centralized syslog server has not been deployed in the management network, this is a finding.

Check Content Reference

M

Target Key

838

Comments