STIGQter: STIG Summary: Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 25 Oct 2019:

Riverbed Optimization System (RiOS) must enforce a 60-day maximum password lifetime restriction.

DISA Rule

SV-77463r1_rule

Vulnerability Number

V-62973

Group Title

SRG-APP-000174-NDM-000261

Rule Version

RICX-DM-000123

Severity

CAT II

CCI(s)

• CCI-000199 - The information system enforces maximum password lifetime restrictions.

Weight

10

Fix Recommendation

Configure RiOS to enforce a 60-day maximum password lifetime.

Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy

Set the value of "Days Before Password Expires:" to "60"

Click "Apply"
Navigate to the top of the web page and click "Save" to save these settings permanently

Check Contents

Verify that RiOS is configured to enforce a 60-day maximum password lifetime restriction.

Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy

Verify that "Days Before Password Expires:" is set to "60"

If "Days Before Password Expires:" is not set to "60", this is a finding.

Vulnerability Number

V-62973

Documentable

False

Rule Version

RICX-DM-000123

Severity Override Guidance

Verify that RiOS is configured to enforce a 60-day maximum password lifetime restriction.

Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy

Verify that "Days Before Password Expires:" is set to "60"

If "Days Before Password Expires:" is not set to "60", this is a finding.

Check Content Reference

M

Target Key

2931

Comments