STIGQter: STIG Summary: F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-215764r557356_rule
V-215764
SRG-NET-000169-ALG-000102
F5BI-LT-000087
CAT II
10
If user authentication intermediary services are provided, configure BIG-IP Core as follows:
Configure a policy in the BIG-IP APM module to uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
Apply APM policy to the applicable Virtual Server(s) in BIG-IP LTM module to uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users) when connecting to virtual servers.
If the BIG-IP Core does not provide user authentication intermediary services for virtual servers, this is not applicable.
When user authentication intermediary services are provided, review the BIG-IP LTM module authentication functions to verify identification and authentication are required for non-organizational users.
Verify Virtual Server(s) in the BIG-IP LTM module are configured with an APM policy to uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users) when connecting to virtual servers.
Navigate to the BIG-IP System manager >> Local Traffic >> Virtual Servers >> Virtual Servers List tab.
Select Virtual Servers(s) from the list to verify.
If the BIG-IP Core does not uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users) when connecting to virtual servers, this is a finding.
V-215764
False
F5BI-LT-000087
If the BIG-IP Core does not provide user authentication intermediary services for virtual servers, this is not applicable.
When user authentication intermediary services are provided, review the BIG-IP LTM module authentication functions to verify identification and authentication are required for non-organizational users.
Verify Virtual Server(s) in the BIG-IP LTM module are configured with an APM policy to uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users) when connecting to virtual servers.
Navigate to the BIG-IP System manager >> Local Traffic >> Virtual Servers >> Virtual Servers List tab.
Select Virtual Servers(s) from the list to verify.
If the BIG-IP Core does not uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users) when connecting to virtual servers, this is a finding.
M
4019