CSCv7|12.8

Title

Deploy NetFlow Collection on Networking Boundary Devices

Description

Enable the collection of NetFlow and logging data on all network boundary devices.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Boundary Defense

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
3.4 Ensure logging is enabled on all firewall policies	FortiGate	CIS Fortigate 7.0.x v1.3.0 L1
3.8 Ensure that VPC Flow Logs is Enabled for Every Subnet in a VPC Network	GCP	CIS Google Cloud Platform v3.0.0 L2
7.1.1.5 Ensure that Network Security Group Flow logs are captured and sent to Log Analytics	microsoft_azure	CIS Microsoft Azure Foundations v4.0.0 L2
7.1.1.7 Ensure that virtual network flow logs are captured and sent to Log Analytics	microsoft_azure	CIS Microsoft Azure Foundations v4.0.0 L2
7.7 (L1) Ensure Virtual Distributed Switch Netflow traffic is sent to an authorized collector	VMware	CIS VMware ESXi 7.0 v1.4.0 L1
7.7 Ensure Virtual Disributed Switch Netflow traffic is sent to an authorized collector	VMware	CIS VMware ESXi 6.7 v1.3.0 Level 1