An error occurred:

Check: JUNI-ND-001300

Juniper Router NDM STIG: JUNI-ND-001300 (in versions v3 r2 through v1 r0.1)

Title

The Juniper router must be configured to off-load log records onto a different system than the system being audited. (Cat II impact)

Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.

Check Content

Review the router configuration to verify that it is compliant with this requirement as shown in the example below. system { syslog { host x.x.x.x { any info; } } If the router is not configured to off-load log records onto a different system than the system being audited, this is a finding.

Fix Text

Configure the router to send log records to a syslog server as shown in the example below. [edit system] set syslog host x.x.x.x any info

Additional Identifiers

Rule ID: SV-217348r961860_rule

Vulnerability ID: V-217348

Group Title: SRG-APP-000515-NDM-000325

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001851

Transfer audit logs per organization-defined frequency to a different system, system component, or media than the system or system component conducting the logging.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AU-4(1)

Transfer to Alternate Storage