STIGQter: STIG Summary: Symantec ProxySG NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

Symantec ProxySG must configure Web Management Console access restrictions to authorized IP address/ranges.

DISA Rule

SV-104487r1_rule

Vulnerability Number

V-94657

Group Title

SRG-APP-000033-NDM-000212

Rule Version

SYMP-NM-000030

Severity

CAT I

CCI(s)

• CCI-000213 - The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Weight

10

Fix Recommendation

Configure console access using the account of last resort to specific networks/subnets.

1. Log on to the Web Management Console.
2. Click Configuration >> Authentication >> Console Access.
3. Click "New".
4. Enter the IP address and subnet mask for the desired network and click "OK".
5. Repeat step 4 until all desired networks have been added.
6. Click "Apply".

Check Contents

Verify console access using the account of last resort has been restricted to specific networks/subnets.

1. Log on to the Web Management Console.
2. Click >> Configuration >> Authentication >> Console Access.
3. Confirm that the correct networks/subnets are specified in the list.

If there are no entries in the list, this is a finding.

Vulnerability Number

V-94657

Documentable

False

Rule Version

SYMP-NM-000030

Severity Override Guidance

Verify console access using the account of last resort has been restricted to specific networks/subnets.

1. Log on to the Web Management Console.
2. Click >> Configuration >> Authentication >> Console Access.
3. Confirm that the correct networks/subnets are specified in the list.

If there are no entries in the list, this is a finding.

Check Content Reference

M

Target Key

3517

Comments