The IAO/NSO will ensure that alarms are categorized by severity using the following guidelines:

- Critical and major alarms are given when a condition that affects service has arisen. For a critical alarm, steps must be taken immediately in order to restore the service that has been lost completely.
- A major alarm indicates that steps must be taken as soon as possible because the affected service has degraded drastically and is in danger of being lost completely.
- A minor alarm indicates a problem that does not yet affect service, but may do so if the problem is not corrected.
- A warning alarm is used to signal a potential problem that may affect service.
- An indeterminate alarm is one that requires human intervention to decide its severity.

From Network Devices Security Technical Implementation Guide

Part of NMS security alarms not defined by severity.

Associated with IA controls: ECSC-1

SV-3047r1_rule

Vulnerability discussion

Without the proper categories of severity levels being defined on the NMS, outages or attacks may not be responded to in order of criticality. If a critical attack or outage is not responded to first, then there will be a delay in fixing the problem, which may cause network outages to last longer than necessary or expose the network to larger, more extensive attacks or outages.

Check content

Request that the network engineer demonstrate the alert capabilities.

Fix text

The NSO will ensure that the NMS security alarm severity levels are configured as critical, major, minor, warning and indeterminate.
