Title

The Google Search Appliances must respond to security function anomalies by notifying the system administrator. (Cat II impact)

Discussion

The need to verify security functionality applies to all security functions. For those security functions not able to execute automated self-tests the organization either implements compensating security controls or explicitly accepts the risk of not performing the verification as required. Information system transitional states include startup, restart, shutdown, and abort.

Check Content

Open the GSA Web Admin Console at https:<your GSA IP or hostname>:8443. Login to the GSA management interface. Navigate to "Administration", select "Network Settings". Ensure that a valid Syslog server is entered correctly. If events are sent and recorded on the Syslog server, this is not a finding.

Fix Text

Open the GSA Web Admin Console at https:<your GSA IP or hostname>:8443. Login to the GSA management interface. Navigate to "Administration", select "Network Settings". Enter a valid Syslog server. Ensure that events are sent and recorded on the Syslog server.

Additional Identifiers

Rule ID: SV-75241r1_rule

Vulnerability ID: V-60789

Group Title: SRG-APP-000200

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.