STIGQter: STIG Summary: Infoblox 7.x DNS Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

Infoblox systems must be configured with current DoD password restrictions.

DISA Rule

SV-214224r612370_rule

Vulnerability Number

V-214224

Group Title

SRG-APP-000516-DNS-000500

Rule Version

IDNS-7X-000990

Severity

CAT I

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Navigate to Grid >> Grid Manager >> Grid Properties >> Password tab.

Configure the system with appropriate values for password length, complexity, and expiration requirements.

Check Contents

Navigate to Administration >> Administrators >> Authentication Policy.

If the only authentication type under "Authenticate users in this order" is "Local User Database", perform the following additional validation:

Navigate to Grid >> Grid Manager >> Grid Properties >> Password tab.

Verify the settings are configured in accordance with current DoD Policy.

If the Infoblox system is configured to utilize a remote authentication system (Active Directory, RADIUS, TACACS+, or LDAP) which enforces policy, or the password settings meet current guidance this is not a finding.

Vulnerability Number

V-214224

Documentable

False

Rule Version

IDNS-7X-000990

Severity Override Guidance

Navigate to Administration >> Administrators >> Authentication Policy.

If the only authentication type under "Authenticate users in this order" is "Local User Database", perform the following additional validation:

Navigate to Grid >> Grid Manager >> Grid Properties >> Password tab.

Verify the settings are configured in accordance with current DoD Policy.

If the Infoblox system is configured to utilize a remote authentication system (Active Directory, RADIUS, TACACS+, or LDAP) which enforces policy, or the password settings meet current guidance this is not a finding.

Check Content Reference

M

Target Key

3995

Comments