Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component.

Overview

Finding ID: V-94693
Version: SYMP-NM-000210
Rule ID: SV-104523r1_rule
IA Controls: CCI-000366
Severity: medium
Description
Predictable failure prevention requires organizational planning to address device failure issues. If components key to maintaining the device's security fail to function, the device could continue operating in an insecure state. If appropriate actions are not taken when a network device failure occurs, a denial of service condition may occur which could result in mission failure since the network would be operating without a critical security monitoring and prevention function.

Upon detecting a failure of network device security components, the network device must activate a system alert message or send an alarm. The type of alarm should ensure that an administrator is made aware of the situation within a period specified in the site's SSP based on mission impact. Alarms may be a message sent to an events server, SNMP server, email/text, or a monitored console.

The following alarms are required for ProxySG devices used in DoD.

General
* CPU utilization
* Memory utilization
* Interface(s) utilization

Licensing
* User license utilization
* Base license expiration

Status
* Disk
* Sensor Count Status
* Reboot
STIG: Symantec ProxySG NDM Security Technical Implementation Guide
Date: 2019-12-20

Related Frameworks

4 paths across 3 frameworks
NIST 800-53 (1 mapping)
CM-6
1.00
  • DISA · V1R2 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-171 (2 mappings)
3.4.1
1.00
  • DISA · V1R2 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
  • DISA · V1R2 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI (1 mapping)
CCI-000366
1.00
  • DISA · V1R2 · disa_xccdf · related

Details

Check Text (C-104523r1_chk)

Verify the Symantec ProxySG is configured to send system health notifications.

1. Log on to Web Management Console.
2. Click Maintenance >> Health Monitoring, select the "General" tab.
3. Confirm that the Notification methods are correct for each metric (Log, Trap, and/or Email).

If the Symantec ProxySG is not configured to send system health notifications, this is a finding.

Fix Text (F-100811r1_fix)

Configure the Symantec ProxySG to send system health notifications.

1. Log on to the Web Management Console.
2. Click Maintenance >> Health Monitoring, select the "General" tab.
3. Click on each metric, click "Edit" and set the desired thresholds and notification types (Log, Trap, and/or Email).
4. Click "Apply".

Configure the following alarms at a minimum.

General
* CPU utilization
* Memory utilization
* Interface(s) utilization

Licensing
* User license utilization
* Base license expiration

Status
* Disk
* Sensor Count Status
* Reboot