STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:

The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies.

DISA Rule

SV-104217r1_rule

Vulnerability Number

V-94263

Group Title

SRG-NET-000512-ALG-000065

Rule Version

SYMP-AG-000240

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-001125 - The information system enforces adherence to protocol format.

Weight

10

Fix Recommendation

Configure FTP reverse proxy intermediary services.

See the ProxySG Reverse Proxy WebGuide for details.

1. Log on to the Web Management Console.
2. Click Configuration >> Services >> Proxy Services.
3. Click "New Service" and create new FTP proxy services with the Action set to "intercept".
4. Browse to Configuration >> Forwarding Hosts. Click "New" and create an entry for the desired back-end FTP server. Click "Apply".
5. Browse to Policy >> Visual Policy Manager and click "Launch".
6. Click Policy >> Add Forwarding Layer. In the default rule, set the Action to be the Forwarding Host configured in step 4.
7. Click File >> Install Policy on SG Appliance.

Check Contents

Verify that FTP reverse proxy intermediary services are configured.

1. Verify with the ProxySG administrator that FTP reverse proxy services are configured.
2. Log on to the Web Management Console.
3. Click Configuration >> Services >> Proxy Services.
4. For each FTP reverse proxy service identified by the administrator, verify that the Action is set to "intercept".
5. Browse to Configuration >> Forwarding Hosts. Verify that the back-end FTP server is specified in the list.
6. Browse to Policy >> Visual Policy Manager" and click "Launch".
7. Verify that a Forwarding Layer exists that references the Forwarding Host configured in step 5.

If the reverse proxy Symantec ProxySG providing intermediary services for FTP does not inspect inbound FTP communications traffic for protocol compliance and protocol anomalies, this is a finding.

Vulnerability Number

V-94263

Documentable

False

Rule Version

SYMP-AG-000240

Severity Override Guidance

Verify that FTP reverse proxy intermediary services are configured.

1. Verify with the ProxySG administrator that FTP reverse proxy services are configured.
2. Log on to the Web Management Console.
3. Click Configuration >> Services >> Proxy Services.
4. For each FTP reverse proxy service identified by the administrator, verify that the Action is set to "intercept".
5. Browse to Configuration >> Forwarding Hosts. Verify that the back-end FTP server is specified in the list.
6. Browse to Policy >> Visual Policy Manager" and click "Launch".
7. Verify that a Forwarding Layer exists that references the Forwarding Host configured in step 5.

If the reverse proxy Symantec ProxySG providing intermediary services for FTP does not inspect inbound FTP communications traffic for protocol compliance and protocol anomalies, this is a finding.

Check Content Reference

M

Target Key

3515

Comments