Network Device Management Rules : Ensuring log events are generated when accounts are modified
  
Ensuring log events are generated when accounts are modified
Rule Title: RiOS must automatically create log events when accounts are modified.
STIG ID: RICX-DM-000008
Rule ID: SV-77331r1_rule Severity: CAT III
Vuln ID: V-62841 Class: Unclass
Because the accounts in the network device are privileged or system-level accounts, account management is vital to the security of the network device. Account management by a designated authority ensures access to the network device is being controlled in a secure manner by granting access to only authorized personnel with the appropriate and necessary privileges. Auditing account modification along with an automatic notification to appropriate individuals will provide the necessary reconciliation that account management procedures are being followed. If modifications to management accounts are not audited, reconciliation of account management procedures cannot be tracked.
Verifying log events are generated when accounts are modified
Verify that RiOS is configured to generate log events when accounts are modified. For detailed information, see Verifying log events are generated when accounts are created.
Generating log events when accounts are modified
Configure RiOS to generate log events when accounts are modified.
The actual level for these messages is Notification; however, other settings in this STIG call for the Info level and only one can be selected.
Ensuring log events are generated when accounts are disabled
Rule Title: RiOS must automatically generate a log event when accounts are disabled.
STIG ID: RICX-DM-000009
Rule ID: SV-77333r1_rule Severity: CAT III
Vuln ID: V-62843 Class: Unclass
Account management, as a whole, ensures access to the network device is being controlled in a secure manner by granting access to only authorized personnel. Auditing account disabling actions will support account management procedures. When device management accounts are disabled, user or service accessibility might be affected. Auditing also ensures authorized active accounts remain enabled and available for use when required.
Verifying log events are generated when accounts are disabled
Verify that RiOS is configured to generate log events when accounts are disabled. For detailed information, see Verifying log events are generated when accounts are created.
Generating logging events when accounts are disabled
Configure RiOS to generate log events when accounts are disabled.