STIGQter: STIG Summary: Infoblox 8.x DNS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Jan 2021:

The Infoblox system must use a security policy that limits the propagation of access rights.

DISA Rule

SV-233872r621666_rule

Vulnerability Number

V-233872

Group Title

SRG-APP-000516-DNS-000099

Rule Version

IDNS-8X-400014

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

1. Review the Infoblox Administrator Guide for comprehensive instructions if necessary.
2. Navigate to Administration >> Administrators tab.
3. Edit the "Admins", "Groups", "Roles", "Permissions", and "Authentication Policy" tabs and set to the desired permissions.

Check Contents

Infoblox NIOS uses a robust permission structure that provides for granular configuration of user access to the administrative interface. Review the Infoblox Overview document for more information on access control and inheritance, and the Administrator Guide for comprehensive information.

1. Navigate to Administration >> Administrators. Review the "Authentication Policy" tab, which will display the authentication methods and order.
2. Review the "Admins", "Groups", "Roles", and "Permissions" tabs to display the specific accounts, roles, and permissions.
3. Verify the local assignment policy against the configured accounts.

If an access policy limiting propagation of access rights is not configured, or the Infoblox system is not configured in accordance with local access policy, this is a finding.

The Infoblox system must use a security policy that limits the propagation of access rights.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments