Title: Applications providing notifications regarding suspicious events must include the capability to notify an organization defined list of response personnel who are identified by name and/or by role.
Vulnerability ID: V-32591
STIG ID: SRG-APP-000286-DB-NA
IA Controls: None
Description: Incident response applications are by their nature designed to monitor, detect, and alarm on defined events occurring on the system or on the network. A large part of their functionality is accurate and timely notification of events. Notifications can be made more efficient by the creation of notification groups containing members who would be responding to a particular alarm or event. This requirement is specific to applications providing intrusion detection services (IDS). This requirement is NA for databases.
Check Text: This check is NA for databases.
Fix Text: This fix is NA for databases.[divider]
The SQL Server agent can be configured to send alerts and messages to operators. Operators can be individuals, or mailing groups. It is highly recommended to use a mailing group so that if an individual is not available when an alert is raised, someone else can take appropriate actions. It is also advised to configure a fail safe operator.