STIGQter: STIG Summary: A10 Networks ADC ALG Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The A10 Networks ADC must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the PPSM CAL and vulnerability assessments.

DISA Rule

SV-237037r639558_rule

Vulnerability Number

V-237037

Group Title

SRG-NET-000132-ALG-000087

Rule Version

AADC-AG-000036

Severity

CAT II

CCI(s)

CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

Fix Recommendation

Do not configure a server, service group, or virtual server for any port, protocol, or service that is prohibited by the PPSM CAL.

Check Contents

Review the list of authorized applications, endpoints, services, and protocols that have been added to the PPSM database.

Review the configured servers, service groups, and virtual servers.

The following command shows information for SLB servers:
show slb server

The following command shows information for service groups (multiple servers):
show slb service-group

The following command shows information for virtual servers (the services visible to outside hosts):
show slb virtual-server

If any of the servers, service groups, or virtual servers allows traffic that is prohibited by the PPSM CAL, this is a finding.

The A10 Networks ADC must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the PPSM CAL and vulnerability assessments.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments