Detections
Analytics
CSCv6|12.2
Title
Configure monitoring systems to record at least packet header information, and preferably full packet header and payloads of the traffic destined for or passing through the network border.Description
On DMZ networks, configure monitoring systems (which may be built in to the IDS sensors or deployed as a separate technology) to record at least packet header information, and preferably full packet header and payloads of the traffic destined for or passing through the network border. This traffic should be sent to a properly configured Security Information Event Management (SIEM) or log analytics system so that events can be correlated from all devices on the network.Reference Item Details
Reference: CIS Critical Security Controls v6
Category: Boundary Defense
Family: Network