Security-relevant events for CDSs are centrally logged.
Topic
Cross Domain Solution event logging
Applicable to
Secret, Top Secret
History
Priority
must
Sep 2024
Security-relevant events for CDSs are centrally logged.
The existing control recommending specific events for Cross Domain Solutions (CDSs) be centrally logged was slightly reworded for consistency with similar controls.
Dec 2023
All security-relevant events generated by CDSs are centrally logged.
TThe existing control relating to the centralised storage of Cross Domain Solution event logs was merged into the existing control relating to collecting Cross Domain Solution event logs. [ISM-0670, ISM-1776]
Mar 2022
All security-relevant events generated by CDSs are logged.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
2015
When exporting data from a security domain, agencies must ensure that all CDS events arelogged.
2010
When exporting data, other than highly formatted textual data, agencies must implement thefollowing controls:•••••••protective marking checkslog of each eventmonitoring to detect overuse/unusual usage patternsdata format checkslimitations on data typeskeyword searchessize limits.