The DBN-6300 must generate audit records when successful/unsuccessful attempts to delete administrator privileges occur.
An XCCDF Rule
Description
<VulnDiscussion>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. Audit records can be generated from various components within the network device (e.g., module or policy filter). With the DBN-6300, audit records are automatically backed up on a real-time basis via syslog when enabled.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-91701r1_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the DBN-6300 to be connected to the syslog server. Also configure the DBN-6300 to include audit records in the syslog message feed.
Navigate to Settings >> Advanced >> Syslog.
Enter the syslog connection information (port and IP address) and push the "enabled" button for both "TCP" and "enable".