STIGQter: STIG Summary: F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-215758r557356_rule
V-215758
SRG-NET-000138-ALG-000063
F5BI-LT-000073
CAT II
10
If user access control intermediary services are provided, configure the BIG-IP Core as follows:
Configure a policy in the BIG-IP APM module to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
Apply the APM policy to the applicable Virtual Server(s) in the BIG-IP LTM module to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users) when connecting to virtual servers.
If the BIG-IP Core does not provide user authentication intermediary services for virtual servers, this is not applicable.
When user authentication intermediary services are provided, verify the BIG-IP Core is configured as follows:
Verify the BIG-IP Core is configured with an APM policy to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
Navigate to the BIG-IP System manager >> Local Traffic >> Virtual Servers >> Virtual Servers List tab.
Select Virtual Servers(s) from the list to verify.
Verify under "Access Policy" section, that "Access Policy" has been set to use an APM access policy to uniquely identify and authenticate organizational users when connecting to virtual servers.
If the BIG-IP Core does not uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users), this is a finding.
V-215758
False
F5BI-LT-000073
If the BIG-IP Core does not provide user authentication intermediary services for virtual servers, this is not applicable.
When user authentication intermediary services are provided, verify the BIG-IP Core is configured as follows:
Verify the BIG-IP Core is configured with an APM policy to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
Navigate to the BIG-IP System manager >> Local Traffic >> Virtual Servers >> Virtual Servers List tab.
Select Virtual Servers(s) from the list to verify.
Verify under "Access Policy" section, that "Access Policy" has been set to use an APM access policy to uniquely identify and authenticate organizational users when connecting to virtual servers.
If the BIG-IP Core does not uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users), this is a finding.
M
4019