STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must reside on a Web Server configured for multifactor authentication.

DISA Rule

SV-80535r1_rule

Vulnerability Number

V-66045

Group Title

SRG-APP-000516

Rule Version

TMDS-00-004520

Severity

CAT I

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the Web Server hosting Trend Deep Security for multifactor authentication.

To configure the authentication method in IIS:
1. Open Internet Information Services (IIS) Manager.
2. In the console tree, expand the server name.
3. In the server Home page, double-click Authentication to open the Authentication page.
4. In the Authentication page, right-click AD Client Certificate Authentication, and click "Enable".
5. Close the Authentication page.
6. In the server Home page, double-click SSL Settings to open the SSL Settings page.
7. Select the "Require SSL" Checkbox, and "Require" radio button.
8. Close the SSL Settings page.
9. Close IIS Manager.

Check Contents

Review the Web Server hosting Trend Deep Security to ensure multifactor authentication has been configured.

1. Open Internet Information Services (IIS) Manager.
2. In the console tree, expand the server name.
3. In the server Home page, double-click Authentication to open the Authentication page.
4. In the Authentication page, right-click AD Client Certificate Authentication, and ensure "Enable" is selected.
5. Close the Authentication page.
6. In the server Home page, double-click SSL Settings to open the SSL Settings page.
7. Ensure the "Require SSL" Checkbox is checked, and "Require" radio button is selected.
8. Close the SSL Settings page.
9. Close IIS Manager.

If "Enable" is not selected in the Authentication page, this is a finding.
If "Require SSL" is not selected in the SSL Settings page, this is a finding.
If "Ignore" or "Accept" radio buttons are selected in the SSL settings page, this is a finding.

Vulnerability Number

V-66045

Documentable

False

Rule Version

TMDS-00-004520

Severity Override Guidance

Review the Web Server hosting Trend Deep Security to ensure multifactor authentication has been configured.

1. Open Internet Information Services (IIS) Manager.
2. In the console tree, expand the server name.
3. In the server Home page, double-click Authentication to open the Authentication page.
4. In the Authentication page, right-click AD Client Certificate Authentication, and ensure "Enable" is selected.
5. Close the Authentication page.
6. In the server Home page, double-click SSL Settings to open the SSL Settings page.
7. Ensure the "Require SSL" Checkbox is checked, and "Require" radio button is selected.
8. Close the SSL Settings page.
9. Close IIS Manager.

If "Enable" is not selected in the Authentication page, this is a finding.
If "Require SSL" is not selected in the SSL Settings page, this is a finding.
If "Ignore" or "Accept" radio buttons are selected in the SSL settings page, this is a finding.

Check Content Reference

M

Target Key

2955

Comments