STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020: STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:SV-104229r1_rule
V-94275
SRG-NET-000132-ALG-000087
SYMP-AG-000300
CAT I
10
Obtain the SSP and PPSMCAL and vulnerability assessments with the site's security policy. Configure the ProxySG to perform resources by employing identity-based, role-based, and/or attribute-based authorization for access to proxied websites.
1. Log on to the Web Management Console.
2. Click Configuration >> Visual Policy Manager.
3. Click "Launch".
4. For each Web Access Layer that is configured, right-click the "Source" and "destination" of each column and click "Set".
5. Select the users, groups, roles, ports, protocols, and attributes as required by the PPSMCAL.
6. Click File >> Install Policy on SG Appliance.
Obtain the SSP and PPSMCAL and vulnerability assessments with the site's security policy. Verify that identity-based, role-based, and/or attribute-based authorization is configured for access to proxied websites. Verify that security policies and rules are configured and applied.
1. Log on to the Web Management Console.
2. Click Configuration >> Visual Policy Manager.
3. Click "Launch".
4. For each rule within each Web Access Layer, verify that the "Source" and "destination" column for each rule contains something other than "any" (any is the default value) as required in the site's SSP and the PPSMCAL.
If Symantec ProxySG is not configured to prohibit or restrict the use of network services as defined in the PPSM CAL and vulnerability assessments, this is a finding.
V-94275
False
SYMP-AG-000300
Obtain the SSP and PPSMCAL and vulnerability assessments with the site's security policy. Verify that identity-based, role-based, and/or attribute-based authorization is configured for access to proxied websites. Verify that security policies and rules are configured and applied.
1. Log on to the Web Management Console.
2. Click Configuration >> Visual Policy Manager.
3. Click "Launch".
4. For each rule within each Web Access Layer, verify that the "Source" and "destination" column for each rule contains something other than "any" (any is the default value) as required in the site's SSP and the PPSMCAL.
If Symantec ProxySG is not configured to prohibit or restrict the use of network services as defined in the PPSM CAL and vulnerability assessments, this is a finding.
M
3515