Check: WSDP-NM-000101
IBM DataPower Network Device Management STIG:
WSDP-NM-000101
(in versions v1 r2 through v1 r1)
Title
The DataPower Gateway must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). (Cat II impact)
Discussion
If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Time is commonly expressed in Coordinated Universal Time (UTC), a modern continuation of Greenwich Mean Time (GMT), or local time with an offset from UTC.
Check Content
In the web interface, go to Status >> View Logs >> Audit Log to display current time stamped log entries. If the UTC format is not used, this is a finding.
Fix Text
By default, the DataPower Gateway records time stamps for audit records in Coordinated Universal Time (UTC). The following is an example: March 30, 2015 followed by the number of milliseconds since January 1, 1970. 20150330T072434.296Z
Additional Identifiers
Rule ID: SV-79645r1_rule
Vulnerability ID: V-65155
Group Title: SRG-APP-000374-NDM-000299
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001890 |
Record time stamps for audit records that use Coordinated Universal Time, have a fixed local time offset from Coordinated Universal Time, or that include the local time offset as part of the time stamp. |
Controls
| Number | Title |
|---|---|
| AU-8 |
Time Stamps |