AU-5(3): Configurable Traffic Volume Thresholds

Threats Addressed:


(Not part of any baseline)

Previous Version:

Control Statement

Enforce configurable network communications traffic volume thresholds reflecting limits on audit log storage capacity and [Assignment: reject, delay] network traffic above those thresholds.

Supplemental Guidance

Organizations have the capability to reject or delay the processing of network communications traffic if audit logging information about such traffic is determined to exceed the storage capacity of the system audit logging function. The rejection or delay response is triggered by the established organizational traffic volume thresholds that can be adjusted based on changes to audit log storage capacity.