F5BI-DM-000067 – The BIG-IP appliance must be configured to alert the ISSO and SA (at a minimum) in the event of an audit processing failure – at a minimum in the event of an audit processing failure.

Details

It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without this notification, the security personnel may be unaware of an impending failure of the audit capability, and system operation may be adversely affected.

Audit processing failures include software/hardware errors, failures in the audit capturing mechanisms, and audit storage capacity being reached or exceeded.

Solution

Configure the BIG-IP appliance to alert the ISSO and SA (at a minimum) in the event of an audit processing failure.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_F5_BIG-IP_11-x_Y20M10_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability, Configuration Management.This control applies to the following type of system F5.

References

800-53|AU-5a.
800-53|CM-6b.
CAT|III
CCI|CCI-000139
CCI|CCI-000366
Rule-ID|SV-228983r557520_rule
STIG-ID|F5BI-DM-000067
STIG-Legacy|SV-74553
STIG-Legacy|V-60123
Vuln-ID|V-228983

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles