STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Router Security Requirements Guide

V-207122

CAT III (Low)

The router must be configured to log all packets that have been dropped.

Rule ID

SV-207122r604135_rule

STIG

Router Security Requirements Guide

Version

V5R2

CCIs

CCI-000134

Discussion

Auditing and logging are key components of any security architecture. It is essential for security personnel to know what is being done or attempted to be done, and by whom, to compile an accurate risk assessment. Auditing the actions on network devices provides a means to recreate an attack or identify a configuration mistake on the device.

Check Content

Review the router interface access control lists (ACLs) to verify all deny statements are logged.

If packets being dropped are not logged, this is a finding.

Fix Text

Configure interface ACLs to log all deny statements.