STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020

Symantec ProxySG must block outbound traffic containing known and unknown denial-of-service (DoS) attacks to protect against the use of internal information systems to launch any DoS attacks against other networks or endpoints.

DISA Rule

SV-104275r1_rule

Vulnerability Number

V-94321

Group Title

SRG-NET-000192-ALG-000121

Rule Version

SYMP-AG-000540

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Enable the Attack Detection function.

1. SSH into the ProxySG console and type "enable".
2. Enter the correct password and type "configure terminal".
3. Press "Enter" and type "attack-detection".
4. Type "client" and press "Enter". Type "enable-limits" and press "Enter".

Note: See the ProxySG Administration Guide, Chapter 73: Preventing Denial of Service Attacks, to understand the functionality before proceeding. Fine-tune the default client limits if there is an operational impact.

Check Contents

Verify that Attack Detection is enabled.

1. SSH into the ProxySG console and type "enable".
2. Enter the correct password and type "configure terminal".
3. Press "Enter" and type "show attack-detection configuration".
4. Verify that "client limits enabled" equals "true".

If Symantec ProxySG does not block outbound traffic containing known and unknown DoS attacks to protect against the use of internal information systems to launch any DoS attacks against other networks or endpoints, this is a finding.
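The check above can be scripted against saved output of "show attack-detection configuration". The following Python sketch is an added example, not part of the STIG or of Symantec's documentation. Only the field name "client limits enabled" and the value "true" come from the check text; the separator, the sample output and the result labels are assumptions made for this example.

```python
import re

# Field name taken from step 4 of the check; matched case-insensitively.
FIELD = "client limits enabled"

# Assumed layout: the field, then ':' or '=' or plain whitespace, then one value.
_LINE = re.compile(
    r"^\s*" + re.escape(FIELD) + r"(?:\s*[:=]\s*|\s+)(\S+)\s*$", re.IGNORECASE
)

# Constructed samples (not captured from a device).
SAMPLE_COMPLIANT = "some other setting: 100\nclient limits enabled: true\n"
SAMPLE_DISABLED = "some other setting: 100\nclient limits enabled: false\n"


def evaluate(cli_output):
    """Return (status, reason) for SYMP-AG-000540 from saved CLI output.

    The status labels are chosen for this example. Anything other than an
    unambiguous "true" or "false" is reported as Not_Reviewed, so a
    truncated or empty capture is never scored as compliant.
    """
    values = []
    for line in cli_output.splitlines():  # handles both \n and \r\n captures
        match = _LINE.match(line)
        if match:
            values.append(match.group(1).lower())

    if not values:
        return ("Not_Reviewed", "field '%s' not found in output" % FIELD)
    if len(set(values)) > 1:
        return ("Not_Reviewed", "conflicting values: %s" % sorted(set(values)))
    if values[0] == "true":
        return ("NotAFinding", "client limits are enabled")
    if values[0] == "false":
        return ("Open", "client limits are disabled; run enable-limits per the fix")
    return ("Not_Reviewed", "unrecognised value: %r" % values[0])


if __name__ == "__main__":
    for name, text in (("compliant", SAMPLE_COMPLIANT), ("disabled", SAMPLE_DISABLED)):
        print(name, evaluate(text))
```
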

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

3515

Comments