Environment
Security Manager 6.x
Situation
How does NetIQ Security Manager satisfy PCI compliance Section 10.5.2?
PCI Compliance section 10.5.2 requirement: "Protect audit trail files from unauthorized modifications. "
PCI Compliance section 10.5.2 requirement: "Protect audit trail files from unauthorized modifications. "
Resolution
Security Manager stores audit trail data in the secure Log Archive data store, which by design is read-only and cannot be modified by an unauthorized user. Data in the Log Archive is compressed and hashed upon storage, providing a record that can be audited during a forensic investigation to prove authenticity. In addition to hashing, the Log Archive can be configured to digitally sign data files when they are stored, providing additional non-repudiation.
Additional Information
Formerly known as NETIQKB72875