STIGQter: STIG Summary: Symantec ProxySG NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

Symantec ProxySG must employ automated mechanisms to centrally verify authentication settings.

DISA Rule

SV-104511r1_rule

Vulnerability Number

V-94681

Group Title

SRG-APP-000516-NDM-000338

Rule Version

SYMP-NM-000150

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-000372 - The organization employs automated mechanisms to centrally verify configuration settings for organization-defined information system components.

Weight

10

Fix Recommendation

Configure the Symantec ProxySG to use a centrally administered AAA server.

1. Log on to the Web Management Console.
2. Click Configuration >> Authentication >> RADIUS.
3. Click "New" then enter a Realm name.
4. Under "Realm configuration" enter the IP address for the primary RADIUS server and modify port (if necessary).
5. Enter a Secret pre-shared key, and enter the same Secret pre-shred key for confirmation, click "OK".
6. Click Radius Servers.
7. Enter an IP address for the Alternate Server and modify port (if necessary).
8. Click "Apply".
9. Click Configuration >> Policy >> Visual Policy Manager.
10. Click "Launch", select the "Admin Authentication" layer.
11. Right-click the "Action" in each rule and click "Set".
12. Click "New", then "Authenticate", and choose the RADIUS realm configured in step 3.
13. Click "File", click "Install Policy on SG Appliance".

Check Contents

Verify a AAA server is used for access by system administrators as required in DoD.

1. Log on to the Web Management Console.
2. Click Configuration >> Authentication >> RADIUS.
3. Confirm that a RADIUS realm has been configured.
4. Click Configuration >> Policy >> Visual Policy Manager.
5. Click "Launch", select the "Admin Authentication" layer.
6. Confirm the "Action" in each rule references the RADIUS realm in step 3.

If Symantec ProxySG does not employ automated mechanisms to centrally verify authentication settings, this is a finding.

Vulnerability Number

V-94681

Documentable

False

Rule Version

SYMP-NM-000150

Severity Override Guidance

Verify a AAA server is used for access by system administrators as required in DoD.

1. Log on to the Web Management Console.
2. Click Configuration >> Authentication >> RADIUS.
3. Confirm that a RADIUS realm has been configured.
4. Click Configuration >> Policy >> Visual Policy Manager.
5. Click "Launch", select the "Admin Authentication" layer.
6. Confirm the "Action" in each rule references the RADIUS realm in step 3.

If Symantec ProxySG does not employ automated mechanisms to centrally verify authentication settings, this is a finding.

Check Content Reference

M

Target Key

3517

Comments