An error occurred:

Check: SRG-NET-000334-ALG-000050

Application Layer Gateway (ALG) SRG (SRG): SRG-NET-000334-ALG-000050 (in version v1 r2)

Title

The ALG must off-load audit records onto a centralized log server. (Cat II impact)

Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. This does not apply to audit logs generated on behalf of the device itself (management).

Check Content

Verify the ALG off-loads audit records onto a centralized log server. If the ALG does not off-load audit records onto a centralized log server, this is a finding.

Fix Text

Configure the ALG to off-load audit records onto a centralized log server.

Additional Identifiers

Rule ID: SV-68677r1_rule

Vulnerability ID: V-54431

Group Title: SRG-NET-000334-ALG-000050

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001851

The information system off-loads audit records per organization-defined frequency onto a different system or media than the system being audited.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AU-4 (1)

Transfer To Alternate Storage