An error occurred:

Check: SRG-NET-000334-VPN-001260

Virtual Private Network (VPN) SRG: SRG-NET-000334-VPN-001260 (in versions v3 r3 through v1 r0.1)

Title

The VPN Gateway must off-load audit records onto a different system or media than the system being audited. (Cat II impact)

Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. This requirement only applies to components where this is specific to the function of the device (e.g., IDPS sensor logs, firewall logs). This does not apply to audit logs generated on behalf of the device itself (management).

Check Content

Verify the VPN Gateway off-loads log records onto a different system or media than the system being audited. If the VPN Gateway does not off-load audit records onto a different system or media than the system being audited, this is a finding.

Fix Text

Configure the VPN Gateway to off-load audit records onto a different system or media than the system being audited.

Additional Identifiers

Rule ID: SV-207234r856706_rule

Vulnerability ID: V-207234

Group Title: SRG-NET-000334

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001851

Transfer audit logs per organization-defined frequency to a different system, system component, or media than the system or system component conducting the logging.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AU-4(1)

Transfer to Alternate Storage