The MQ Appliance network device must use automated mechanisms to alert security personnel to threats identified by authoritative sources (e.g., CTOs) and in association with CJCSM 6510.01B.

Description

<VulnDiscussion>By immediately displaying an alarm message, potential security violations can be identified more quickly even when administrators are not logged into the MQ Appliance network device. An example of a mechanism to facilitate this would be through the use of SNMP traps. Using a syslog logging target, the MQ Appliance logs all audit and system events. Logging may be set to the following logging levels in descending order of criticality: debug, info, notice, warn, error, alert, emerg. The default is notice. It is the responsibility of the sysadmin to configure the triggers necessary to send alerts based upon information received at the syslog server.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>