UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Citrix XenDesktop 7.x License Server Security Technical Implementation Guide


Overview

Date Finding Count (7)
2019-03-20 CAT I (High): 2 CAT II (Med): 5 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-81423 High XenDesktop License Server must implement cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by alternative physical safeguards, such as, at a minimum, a Protected Distribution Systems (PDS).
V-81413 High XenDesktop License Server must implement DoD-approved encryption to protect the confidentiality of remote access sessions.
V-81425 Medium XenDesktop License Server must maintain the confidentiality and integrity of information during reception.
V-81421 Medium XenDesktop License Server must protect the confidentiality and integrity of transmitted information.
V-81417 Medium XenDesktop License Server must protect the authenticity of communications sessions.
V-81415 Medium XenDesktop License Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.
V-81419 Medium XenDesktop License Server must prohibit the use of cached authenticators after an organization-defined time period.