STIGQter STIGQter: STIG Summary: Riverbed SteelHead CX v8 ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 30 Nov 2015:

The Riverbed Optimization System (RiOS) must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.

DISA Rule

SV-77319r1_rule

Vulnerability Number

V-62829

Group Title

SRG-NET-000132-ALG-000087

Rule Version

RICX-AG-000088

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Check to see if services other than the authorized services are enabled for optimization.

Obtain documentation for which applications are approved/disapproved for optimization by the organization.

Navigate to the device Management Console
Navigate to Optimize >> Optimization

Set the approved or disapproved applications to enabled or disabled according to organization requirements.

Check Contents

Verify that the Riverbed Optimization System (RiOS) is configured to disable unrelated or unneeded application proxy services.

Obtain documentation for which applications are approved/disapproved for optimization by the organization.

Navigate to the device Management Console
Navigate to Optimize >> Optimization

Verify that the approved or disapproved applications are enabled or disabled according to organization requirements.

If optimization features are not enabled or disabled according to the organizations requirements, this is a finding.

Vulnerability Number

V-62829

Documentable

False

Rule Version

RICX-AG-000088

Severity Override Guidance

Verify that the Riverbed Optimization System (RiOS) is configured to disable unrelated or unneeded application proxy services.

Obtain documentation for which applications are approved/disapproved for optimization by the organization.

Navigate to the device Management Console
Navigate to Optimize >> Optimization

Verify that the approved or disapproved applications are enabled or disabled according to organization requirements.

If optimization features are not enabled or disabled according to the organizations requirements, this is a finding.

Check Content Reference

M

Target Key

2929

Comments