From Bromium Secure Platform 4.x Security Technical Implementation Guide
Part of SRG-APP-000108
Associated with: CCI-000139
It is critical for the appropriate personnel to be aware if an endpoint fails to connect to the management server within a defined time period. Without this notification, the security personnel may be unaware of an impending failure of the event capture capability, malicious activity, or insider threat.
Verify that the reporting threshold for endpoints has been documented. Navigate to the management console, click on the selection arrow next to "Events". Verify the organization-defined time period that the vSentry client must connect to the BEC for logging or policy update purposes is configured. If the BEC does not generate a log record when a Bromium vSentry client has not connected to the BEC for logging or policy update purposes for an organization-defined time period, this is a finding.
Define the organization-defined time period for when an alert should be generated. Navigate to the management console, click on the selection arrow next to "Events" and verify the organization-defined time period that the vSentry client must connect to the BEC for logging or policy update purposes is configured.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer