Skip to content
Catalogs
XCCDF
Application Layer Gateway Security Requirements Guide
SRG-NET-000331
The ALG providing user access control intermediary services must provide the capability for authorized users to select a user session to capture or view.
The ALG providing user access control intermediary services must provide the capability for authorized users to select a user session to capture or view. An XCCDF Rule
The ALG providing user access control intermediary services must provide the capability for authorized users to select a user session to capture or view.
Medium Severity
<VulnDiscussion>Without the capability to select a user session to capture or view, investigations into suspicious or harmful events would be hampered by the volume of information captured.
The intent of this requirement is to ensure the capability to select specific sessions to capture is available in order to support general auditing/incident investigation, or to validate suspected misuse by a specific user. Examples of session events that may be captured include, port mirroring, tracking websites visited, and recording information and/or file transfers.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>