STIGQter: STIG Summary: F5 BIG-IP Device Management 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: F5 BIG-IP Device Management 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-217417r557520_rule
V-217417
SRG-APP-000435-NDM-000315
F5BI-DM-000239
CAT I
10
Configure the BIG-IP appliance to limit the effects of DoS attacks by employing security safeguards to limit the number of concurrent sessions to the configuration utility.
Verify the BIG-IP appliance is configured to protect against or to limit the effects of DoS attacks by limiting the number of concurrent sessions.
Review organizational Standard Operating Procedures (SOP) to ensure there is an organizational-defined threshold for the number of allowed connections to the management console.
Navigate to the BIG-IP System manager >> System >> Preferences.
Set "System Settings:" to "Advanced".
Verify "Maximum HTTP Connections To Configuration Utility" is set to the number of allowed connections defined in the local SOP.
If the BIG-IP appliance is not configured to protect against or limit the effects of DoS attacks by limiting the number of concurrent sessions, this is a finding.
V-217417
False
F5BI-DM-000239
Verify the BIG-IP appliance is configured to protect against or to limit the effects of DoS attacks by limiting the number of concurrent sessions.
Review organizational Standard Operating Procedures (SOP) to ensure there is an organizational-defined threshold for the number of allowed connections to the management console.
Navigate to the BIG-IP System manager >> System >> Preferences.
Set "System Settings:" to "Advanced".
Verify "Maximum HTTP Connections To Configuration Utility" is set to the number of allowed connections defined in the local SOP.
If the BIG-IP appliance is not configured to protect against or limit the effects of DoS attacks by limiting the number of concurrent sessions, this is a finding.
M
4036