DISA STIGS Viewer

The firewall must be configured to use TCP when sending log records to the central audit server.

Overview

Finding ID Version Rule ID IA Controls Severity
V-206685 SRG-NET-000098-FW-000021 SV-206685r604133_rule   Medium
Description
If the default UDP protocol is used for communication between the hosts and devices to the Central Log Server, then log records that do not reach the log server are not detected as a data loss. The use of TCP to transport log records to the log servers improves delivery reliability.
STIG Date
Firewall Security Requirements Guide 2024-12-04

Details

Check Text (C-6942r457833_chk)
Review the firewall configuration and verify that it is configure to use TCP.


If the firewall is not configured to use TCP when sending log records to the central audit server, this is a finding.
Fix Text (F-6942r457834_fix)
Configure the firewall to use TCP when sending log records to the central audit server.