The Juniper router must be configured to off-load log records onto a different system than the system being audited.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-217348 | JUNI-ND-001300 | SV-217348r961860_rule | CCI-001851 | medium |
| Description | ||||
| Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. | ||||
| STIG | Date | |||
| Juniper Router NDM Security Technical Implementation Guide | 2024-12-05 | |||
Details
Check Text (C-217348r961860_chk)
Review the router configuration to verify that it is compliant with this requirement as shown in the example below.
system {
syslog {
host x.x.x.x {
any info;
}
}
If the router is not configured to off-load log records onto a different system than the system being audited, this is a finding.
Fix Text (F-18573r296623_fix)
Configure the router to send log records to a syslog server as shown in the example below.
[edit system]
set syslog host x.x.x.x any info