UCF STIG Viewer Logo

Citrix XenDesktop 7.x License Server Security Technical Implementation Guide


Overview

Date Finding Count (7)
2019-03-20 CAT I (High): 2 CAT II (Med): 5 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-81423 High XenDesktop License Server must implement cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by alternative physical safeguards, such as, at a minimum, a Protected Distribution Systems (PDS).
V-81413 High XenDesktop License Server must implement DoD-approved encryption to protect the confidentiality of remote access sessions.
V-81425 Medium XenDesktop License Server must maintain the confidentiality and integrity of information during reception.
V-81421 Medium XenDesktop License Server must protect the confidentiality and integrity of transmitted information.
V-81417 Medium XenDesktop License Server must protect the authenticity of communications sessions.
V-81415 Medium XenDesktop License Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.
V-81419 Medium XenDesktop License Server must prohibit the use of cached authenticators after an organization-defined time period.