Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-80463 | BROM-00-000905 | SV-95167r1_rule | Medium |
Description |
---|
Without reauthenticating the endpoint, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. The BEC Update Interval setting controls the frequency of check-ins for policy updates, remote commands and a Bromium vSentry event data. The value set is in seconds. During the update connection with the BEC, the Bromium vSentry client's device certificate is reauthenticated. |
STIG | Date |
---|---|
Bromium Secure Platform 4.x Security Technical Implementation Guide | 2018-05-11 |
Check Text ( C-80135r1_chk ) |
---|
Verify the Update Interval is set to one hour. 1. From the management console, navigate to the "Policies" menu. 2. Select the Base policy. 3. Click the "Manageability" tab. 4. Inspect the "Update Interval" parameter to reflect the desired interval (1 hour/3600 seconds is the maximum). If the BEC Update Interval is set to more than one hour, this is a finding. |
Fix Text (F-87269r1_fix) |
---|
Configure the Update Internal for the BEC/vSentry client update of event data, remote commands, policy updates, and reauthenication. 1. From the management console, navigate to the "Policies" menu. 2. Select the Base policy. 3. Click the "Manageability" tab. 4. Edit the "Update Interval" parameter to reflect "3600" seconds. 5. Click "Save and Deploy". Note: A value of 1 hour/3600 seconds is the recommended setting; however, the setting may be changed to a lower interval based on mission needs. |