STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018: STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018:SV-95131r1_rule
V-80427
SRG-APP-000093
BROM-00-000155
CAT III
10
Configure a custom rule to view a user's activity.
Ensure host monitoring is enabled in the base or applicable delta policy.
1. From the management console, click on "Policies".
2. Select the base policy that covers all devices.
3. Within the base policy, select the "Features" tab, navigate to the "Monitoring" section, and enable "Host Monitoring".
4. Click "Save and Deploy".
Configure the Custom Rule to monitor one or more Bromium vSentry clients.
1. Click the arrow next to "Policies" and select "Monitoring Rules".
2. Click "Rule Options" and select "Create Custom Rule".
3. Create a name for the custom rule.
4. Apply the custom rule to a group.
5. Configure the applications, triggers, and any exclusions associated with the activity to be monitored.
6. Click "Save".
If custom rules are required, verify that monitoring rules are enabled. Custom rules may or may not be present on the BEC, depending on the site's need. It is not mandatory to use this feature, just that the feature be configured to be used in case it is needed.
1. From the management console, click on "Policies".
2. Select the base policy that covers all devices.
3. Within the base policy, select the "Features" tab, navigate to the "Monitoring" section, and verify that "Host Monitoring" is enabled.
4. Click on "Policies" and verify "Monitoring Rules" is checked.
If the Bromium Enterprise Controller (BEC) is not configured for authorized users to capture and log content related to a user session, this is a finding.
V-80427
False
BROM-00-000155
If custom rules are required, verify that monitoring rules are enabled. Custom rules may or may not be present on the BEC, depending on the site's need. It is not mandatory to use this feature, just that the feature be configured to be used in case it is needed.
1. From the management console, click on "Policies".
2. Select the base policy that covers all devices.
3. Within the base policy, select the "Features" tab, navigate to the "Monitoring" section, and verify that "Host Monitoring" is enabled.
4. Click on "Policies" and verify "Monitoring Rules" is checked.
If the Bromium Enterprise Controller (BEC) is not configured for authorized users to capture and log content related to a user session, this is a finding.
M
3375