RFC 3871           Operational Security Requirements      September 2004

   Warnings.

      None.

2.11.4.  Ability to Log Locally

   Requirement.

      It SHOULD be possible to log locally on the device itself.  Local

      logging SHOULD be written to non volatile storage.

   Justification.

      Local logging of failed authentication attempts to non volatile

      storage is critical.  It provides a means of detecting attacks

      where the device is isolated from its authentication interfaces

      and attacked at the console.

      Local logging is important for viewing information when connected

      to the device.  It provides some backup of log data in case remote

      logging fails.  It provides a way to view logs relevant to one

      device without having to sort through a possibly large set of logs

      from other devices.

   Examples.

      One example of local logging would be a memory buffer that

      receives copies of messages sent to the remote log server.

      Another example might be a local syslog server (assuming the

      device is capable of running syslog and has some local storage).

   Warnings.

      Storage on the device may be limited.  High volumes of logging may

      quickly fill available storage, in which case there are two

      options: new logs overwrite old logs (possibly via the use of a

      circular memory buffer or log file rotation), or logging stops.

2.11.5.  Ability to Maintain Accurate System Time

   Requirement.

      The device MUST maintain accurate, "high resolution" (see

      definition in Section 1.8) system time.

Jones                        Informational                     [Page 50]