The DBN-6300 must activate a system alert message, send an alarm, and/or automatically shut down when a component failure is detected.

An XCCDF Rule

Description

Predictable failure prevention requires organizational planning to address device failure issues. If components key to maintaining the device's security fail to function, the device could continue operating in a nonsecure state. If appropriate actions are not taken when a network device failure occurs, a denial-of-service condition may occur that could result in mission failure because the network would be operating without a critical security monitoring and prevention function. Upon detecting a failure of network device security components, the network device must activate a system alert message, send an alarm, or shut down. With the DBN-6300, audit records are automatically backed up on a real-time basis via syslog when enabled.

ID: SV-91675r1_rule
Version: DBNW-DM-000078
Severity: Medium
References: CCI-000366 CCI-001328
Updated: 15 days ago

Remediation Templates

Configure the DBN-6300 to be connected to the syslog server. Also configure the DBN-6300 to include audit records in the syslog message feed.

Navigate to Settings >> Advanced >> Syslog.

Enter the syslog connection information (port and IP address) and push the "enabled" button for both "TCP" and "enable".
Navigate to Settings >> Advanced >> Audit Log.

Verify that the Audit Syslog, "Use System Syslog" button is set to "Yes" and the Audit Configuration Categories are all checked for Audit Log, Syslog, and Audit Console.

If the "Use System Syslog" button is not set to "Yes", press the "Yes" button.

Click on "Commit".

The DBN-6300 must activate a system alert message, send an alarm, and/or automatically shut down when a component failure is detected.

Description

Remediation Templates

A Manual Procedure