STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:

Symantec ProxySG must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).

DISA Rule

SV-104233r1_rule

Vulnerability Number

V-94279

Group Title

SRG-NET-000138-ALG-000063

Rule Version

SYMP-AG-000320

Severity

CAT I

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Configure the ProxySG to perform unique identification of organizational users.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication >> Windows Domain.
3. Click "Add New Domain" and follow prompts to join the Windows Domain.

Check Contents

Verify that ProxySG is uniquely identifying organizational users.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication >> Windows Domain.
3. Verify that a domain is listed in the Domains field and indicates "Joined and Used".

If Symantec ProxySG does not uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users), this is a finding.

Vulnerability Number

V-94279

Documentable

False

Rule Version

SYMP-AG-000320

Severity Override Guidance

Verify that ProxySG is uniquely identifying organizational users.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication >> Windows Domain.
3. Verify that a domain is listed in the Domains field and indicates "Joined and Used".

If Symantec ProxySG does not uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users), this is a finding.

Check Content Reference

M

Target Key

3515

Comments