STIGQter: STIG Summary: CA API Gateway NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 19 Sep 2016:

The CA API Gateway must authenticate RADIUS endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based.

DISA Rule

SV-86179r1_rule

Vulnerability Number

V-71555

Group Title

SRG-APP-000395-NDM-000310

Rule Version

CAGW-DM-000280

Severity

CAT II

CCI(s)

• CCI-001967 - The information system authenticates organization-defined devices and/or types of devices before establishing a local, remote, and/or network connection using bidirectional authentication that is cryptographically based.

Weight

10

Fix Recommendation

Using the ssgconfig menu subsystem, confirm RADIUS has been configured via 1) Configure system settings >> 4) Configure authentication method item 3 or 4.

Configure radius/ladap_radius as required.

Check Contents

Using the "ssgconfig" menu subsystem, confirm RADIUS has been configured via 1) Configure system settings >> 4) Configure authentication method item 3 or 4.

Confirm password is set to "Enter the RADIUS shared secret [<Hidden>]".

If RADIUS is not correctly configured, this is a finding.

Vulnerability Number

V-71555

Documentable

False

Rule Version

CAGW-DM-000280

Severity Override Guidance

Using the "ssgconfig" menu subsystem, confirm RADIUS has been configured via 1) Configure system settings >> 4) Configure authentication method item 3 or 4.

Confirm password is set to "Enter the RADIUS shared secret [<Hidden>]".

If RADIUS is not correctly configured, this is a finding.

Check Content Reference

M

Target Key

3051

Comments