Documentation Center
AlienVault® USM Appliance™

PCI DSS 3.2 Requirement 10: Track and Monitor Access to All Network Resources and Cardholder Data

Applies to Product: USM Appliance™ AlienVault OSSIM®

Testing Procedure

How USM Appliance Delivers

USM Appliance Instructions

USM Appliance Documentation

10.4 Examine configuration standards and processes to verify that time-synchronization technology is implemented and kept current per PCI DSS Requirements 6.1 and 6.2.

Using Asset Discovery scan in USM Appliance confirms whether NTP is running on server.

Run an Asset Scan to verify presence of NTP service.

Running Asset Scans

10.4.1.b Observe the time-related system-parameter settings for a sample of system components to verify:
•  Only the designated central time server(s) receives time signals from external sources, and time signals from external sources are based on International Atomic Time or UTC.
•  Where there is more than one designated time server, the designated central time server(s) peer with one another to keep accurate time.
•  Systems receive time only from designated central time server(s).

The Vulnerability Scan in USM Appliance can test system configuration settings to confirm that an NTP server has been configured.

Run a Vulnerability Scan to verify NTP settings are correct.

Performing Vulnerability Scans

10.4.2.b Examine system configurations, time synchronization settings and logs, and processes to verify that any changes to time settings on critical systems are logged, monitored, and reviewed.

The Vulnerability Scan in USM Appliance can test system configuration settings to confirm that an NTP server has been configured.

Run Vulnerability Scan to verify NTP settings are correct.

Performing Vulnerability Scans

10.5.5 Examine system settings, monitored files, and results from monitoring activities to verify the use of file-integrity monitoring or change-detection software on logs.

USM Appliance provides Flle Integrity Monitoring (FIM)through AlienVault HIDS.

Configure HIDS in USM Appliance to perform File Integrity Monitoring.

File Integrity Monitoring