Detections
Analytics

CSCv7|12.8

Title

Deploy NetFlow Collection on Networking Boundary Devices

Description

Enable the collection of NetFlow and logging data on all network boundary devices.

Reference Item Details

Category: Boundary Defense

Audit Items

View all Reference Audit Items

NamePluginAudit Name
3.4 Ensure logging is enabled on all firewall policiesFortiGateCIS Fortigate 7.0.x v1.3.0 L1
3.4 Ensure logging is enabled on all firewall policiesFortiGateCIS Fortigate 7.0.x Level 1 v1.2.0
3.8 Ensure that VPC Flow Logs is Enabled for Every Subnet in a VPC NetworkGCPCIS Google Cloud Platform v2.0.0 L2
3.8 Ensure that VPC Flow Logs is Enabled for Every Subnet in a VPC NetworkGCPCIS Google Cloud Platform v1.3.0 L1
3.8 Ensure that VPC Flow Logs is Enabled for Every Subnet in a VPC NetworkGCPCIS Google Cloud Platform v3.0.0 L2
3.8 Ensure that VPC Flow Logs is enabled for every subnet in a VPC NetworkGCPCIS Google Cloud Platform v1.1.0 L1
5.1.5 Ensure that Network Security Group Flow logs are captured and sent to Log Analyticsmicrosoft_azureCIS Microsoft Azure Foundations v2.1.0 L2
5.1.6 Ensure that Network Security Group Flow logs are captured and sent to Log Analyticsmicrosoft_azureCIS Microsoft Azure Foundations v2.0.0 L2
5.1.6 Ensure that Network Security Group Flow logs are captured and sent to Log Analyticsmicrosoft_azureCIS Microsoft Azure Foundations v1.5.0 L2
7.7 (L1) Ensure Virtual Distributed Switch Netflow traffic is sent to an authorized collectorVMwareCIS VMware ESXi 7.0 v1.4.0 L1
7.7 Ensure Virtual Disributed Switch Netflow traffic is sent to an authorized collectorVMwareCIS VMware ESXi 6.7 v1.1.0 Level 1
7.7 Ensure Virtual Disributed Switch Netflow traffic is sent to an authorized collectorVMwareCIS VMware ESXi 6.7 v1.3.0 Level 1
7.7 Ensure Virtual Disributed Switch Netflow traffic is sent to an authorized collectorVMwareCIS VMware ESXi 6.7 v1.2.0 Level 1
7.7 Ensure Virtual Distributed Switch Netflow traffic is sent to an authorized collectorVMwareCIS VMware ESXi 7.0 v1.2.0 Level 1
7.7 Ensure Virtual Distributed Switch Netflow traffic is sent to an authorized collectorVMwareCIS VMware ESXi 7.0 v1.1.0 Level 1
7.7 Ensure Virtual Distributed Switch Netflow traffic is sent to an authorized collectorVMwareCIS VMware ESXi 7.0 v1.3.0 Level 1