← Back to HP FlexFabric Switch NDM Security Technical Implementation Guide

V-217443

CAT III (Low)

The HP FlexFabric Switch must produce audit log records containing information to establish the source of events.

Rule ID

SV-217443r960900_rule

STIG

HP FlexFabric Switch NDM Security Technical Implementation Guide

Version

V1R4

CCIs

CCI-000133

Discussion

In order to compile an accurate risk assessment and provide forensic analysis, it is essential for security personnel to know the source of the event. The source may be a component, module, or process within the device or an external session, administrator, or device. Associating information about where the source of the event occurred provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured device.

Check Content

Determine if the info-center feature is enabled on the HP FlexFabric Switch:

[HP] display info-center

Information Center: Enabled

If logging is not enabled, this is a finding.

Fix Text

Enable info-center feature on the HP FlexFabric Switch:

[HP] info-center enable

Note:  By default, the information center is enabled.