Ensure Audit Success and Failure for 'Logon-Logoff: Audit IPsec Quick Mode'ID: oval:org.secpod.oval:def:14782 | Date: (C)2013-08-13 (M)2022-10-10 |
Class: COMPLIANCE | Family: windows |
This policy setting allows you to audit events generated by Internet Key Exchange protocol (IKE) and Authenticated Internet Protocol (AuthIP) during Quick Mode negotiations.
If you configure this policy setting, an audit event is generated during an IPsec Quick Mode negotiation. Success audits record successful attempts and Failure audits record unsuccessful attempts.If
you do not configure this policy setting, no audit event is generated during an IPsec Quick Mode negotiation.
Volume: High.
Default: No Auditing.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Logon-Logoff\Audit IPsec Quick Mode
(2) REG: INFO NOT AVAILABLE
Platform: |
Microsoft Windows 7 |