800-53|SI-13(5)

Title

FAILOVER CAPABILITY

Description

The organization provides [Selection: real-time; near real-time] [Assignment: organization-defined failover capability] for the information system.

Supplemental

Failover refers to the automatic switchover to an alternate information system upon the failure of the primary information system. Failover capability includes, for example, incorporating mirrored information system operations at alternate processing sites or periodic data mirroring at regular intervals defined by recovery time periods of organizations.

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: PREDICTABLE FAILURE PREVENTION

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

View all Reference Audit Items

NamePluginAudit Name
3.1 Ensure a fully-synchronized High Availability peer is configuredPalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
3.1 Ensure a fully-synchronized High Availability peer is configuredPalo_AltoCIS Palo Alto Firewall 10 v1.2.0 L1
3.1 Ensure a fully-synchronized High Availability peer is configuredPalo_AltoCIS Palo Alto Firewall 11 v1.1.0 L1
3.1 Ensure a fully-synchronized High Availability peer is configuredPalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path MonitoringPalo_AltoCIS Palo Alto Firewall 11 v1.1.0 L1
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path MonitoringPalo_AltoCIS Palo Alto Firewall 10 v1.2.0 L1
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Link Monitoring EnabledPalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Link Monitoring EnabledPalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Link Monitoring Failure ConditionPalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Link Monitoring Failure ConditionPalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Path Monitoring EnabledPalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Path Monitoring EnabledPalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Path Monitoring Failure ConditionPalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Path Monitoring Failure ConditionPalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
3.2 Ensure each Auto-Scaling Group is configured for multiple Availability Zonesamazon_awsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriatelyPalo_AltoCIS Palo Alto Firewall 10 v1.2.0 L1
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriatelyPalo_AltoCIS Palo Alto Firewall 11 v1.1.0 L1
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately - Election SetingsPalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately - Election SettingsPalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately - Passive Link StatePalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately - Passive Link StatePalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
3.5 Ensure Relational Database Service is Multi-AZ Enabledamazon_awsCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0
Ensure 'Failover' is enabledCisco_FirepowerTenable Cisco Firepower Threat Defense Best Practices Audit