Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The ALG providing authentication proxy connections must conform to FICAM-issued profiles.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000349-ALG-0000106 | SRG-NET-000349-ALG-0000106 | SRG-NET-000349-ALG-0000106_rule | Medium |
| Description |
|---|
| Without conforming to Federal Identity, Credential, and Access Management (FICAM)-issued profiles, the information system may not be interoperable with FICAM-authentication protocols, such as SAML 2.0 and OpenID 2.0. Use of FICAM-issued profiles addresses open identity management standards. This requirement only applies to components where this is specific to the function of the device or has the concept of a non-organizational user, (e.g., ALG capability that is the front end for an application in a DMZ). |
| STIG | Date |
|---|---|
| Application Layer Gateway Security Requirements Guide | 2014-06-27 |
Details
| Check Text ( C-SRG-NET-000349-ALG-0000106_chk ) |
|---|
| If the ALG does not provide user authentication proxy services, this is not a finding. Verify the ALG conform to FICAM-issued profiles. If the ALG does not conform to FICAM-issued profiles, this is a finding. |
| Fix Text (F-SRG-NET-000349-ALG-0000106_fix) |
|---|
| Configure ALG to conform to FICAM-issued profiles. |