SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - Memory Utilization

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Predictable failure prevention requires organizational planning to address device failure issues. If components key to maintaining the device's security fail to function, the device could continue operating in an insecure state. If appropriate actions are not taken when a network device failure occurs, a denial of service condition may occur which could result in mission failure since the network would be operating without a critical security monitoring and prevention function. Upon detecting a failure of network device security components, the network device must activate a system alert message or send an alarm.
The type of alarm should ensure that an administrator is made aware of the situation within a period specified in the site's SSP based on mission impact. Alarms may be a message send to an events server, SNMP server, email/text, or a monitored console.
The following alarms are required for ProxySG devices used in DoD.
General
* CPU utilization
* Memory utilization
* Interface(s) utilization
Licensing
* User license utilization
* Base license expiration
Status
* Disk
* Sensor Count Status
* Rebootfalse

Solution

Configure the Symantec ProxySG to send system health notifications.
1. Log on to the Web Management Console.
2. Click Maintenance >> Health Monitoring, select the "General" tab.
3. Click on each metric, click "Edit" and set the desired thresholds and notification types (Log, Trap, and/or Email).
4. Click "Apply".
Configure the following alarms at a minimum.
General
* CPU utilization
* Memory utilization
* Interface(s) utilization
Licensing
* User license utilization
* Base license expiration
Status
* Disk
* Sensor Count Status
* Reboot

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Symantec_ProxySG_V1R1_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-4(5), CAT|II, CCI|CCI-000366, CCI|CCI-001328, Rule-ID|SV-104523r1_rule, STIG-ID|SYMP-NM-000210, Vuln-ID|V-94693

Plugin: BlueCoat

Control ID: 74c946c72eedae2d0d53d9b9447256484c3168e3e9c8e72967b294bb718fdbdc