STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:

Symantec ProxySG providing user authentication intermediary services must restrict user authentication traffic to specific authentication servers.

DISA Rule

SV-104237r1_rule

Vulnerability Number

V-94283

Group Title

SRG-NET-000138-ALG-000089

Rule Version

SYMP-AG-000340

Severity

CAT I

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Configure the ProxySG for user authentication.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication >> Windows Domain.
3. Click "Add New Domain" and follow prompts to join the Windows Domain.

Check Contents

The ProxySG only sends user authentication traffic to explicitly configured authentication servers. Verify which authentication servers are configured.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication.

If Symantec ProxySG providing user authentication intermediary services does not restrict user authentication traffic to specific authentication servers, this is a finding.

Vulnerability Number

V-94283

Documentable

False

Rule Version

SYMP-AG-000340

Severity Override Guidance

The ProxySG only sends user authentication traffic to explicitly configured authentication servers. Verify which authentication servers are configured.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication.

If Symantec ProxySG providing user authentication intermediary services does not restrict user authentication traffic to specific authentication servers, this is a finding.

Check Content Reference

M

Target Key

3515

Comments