From Trend Micro Deep Security 9.x Security Technical Implementation Guide
Part of SRG-APP-000125
Associated with: CCI-001348
Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up audit records to a different system or onto separate media than the system being audited on an organizationally defined frequency helps to assure in the event of a catastrophic system failure, the audit records will be retained.
Review the Trend Deep Security server configuration to ensure audit records are backed up at least every seven days onto a different system or system component than the system or component being audited. Verify the application backup frequency by reviewing the configuration settings in Administration >> System Settings >> SIEM If the "Forward System Events to a remote computer (via Syslog)" is not enabled with the proper configuration settings, this is a finding.
Configure the Trend Deep Security server to back up audit records at least every seven days onto a different system or system component than the system or component being audited. Configure the application to forward audit records to a log management tool for backup and storage. Go to Administration >> System Settings >> SIEM Enable "Forward System Events to a remote computer (via Syslog)" Configure the following: Hostname or IP address to which events should be sent UDP port to which events should be sent Syslog Facility Syslog Format
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer