STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 6 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Symantec ProxySG ALG Security Technical Implementation Guide

V-94257

CAT II (Medium)

Symantec ProxySG must use a centralized log server.

Rule ID

SV-104211r1_rule

STIG

Symantec ProxySG ALG Security Technical Implementation Guide

Version

V1R3

CCIs

CCI-001851

Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity. This does not apply to audit logs generated on behalf of the device itself (management).

Check Content

Determine whether audit log off-loading is configured.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Access Logging >> Logs.
3. Click "Upload Client" and Verify that a "Client type" is specified. All client types use TCP for communication to the target server (FTP/S, HTTP/S, Kafka, etc.).

If Symantec ProxySG does not use a centralized log server, this is a finding.

Fix Text

Configure audit log off-loading.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Access Logging >> Logs.
3. Configure the "Upload Client" and "Upload Schedule" capabilities. (All client types use TCP for communication to the site's event server.)