11.5.1 Secure Log-on Procedures

Illustrative Controls and TIBCO LogLogic Solution

Encrypt all non-console administrative access. Use technologies such as SSH, VPN, or SSL/TLS for web-based management and other non-console administrative access. All remote management connections must be encrypted to avoid any opportunity for intruders to gain access to the IT infrastructure. To do so, technologies such as SSH (generally port 22/tcp), SSL (generally port 443/tcp) and VPN (SSL or IPsec) must be used.

If non-standard ports are used with these protocols, the justification for the non-standard ports must also be documented. Administrators must review all traffics that are not SSH, SSL or VPN to ensure that they are necessary, approved and documented. Administrators should set up network policy alerts to detect any unauthorized traffic passing through the firewalls.

Reports and Alerts

Use the following link/reference to see the 11.5.1 reports and alerts: TIBCO LogLogic Reports and Alerts Quick Reference.