Citrix XenDesktop 7.x License Server Security Technical Implementation Guide

Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Citrix XenDesktop 7.x License Server Security Technical Implementation Guide

Overview

Version	Date	Finding Count (7)			Downloads
1	2019-12-12 2018-08-28 2018-08-28 2019-03-20 2019-03-20	CAT I (High): 2	CAT II (Med): 5	CAT III (Low): 0	Excel	JSON	XML

STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles

Classified	Public	Sensitive
I - Mission Critical Classified	I - Mission Critical Public	I - Mission Critical Sensitive	II - Mission Support Classified	II - Mission Support Public	II - Mission Support Sensitive	III - Administrative Classified	III - Administrative Public	III - Administrative Sensitive

Findings (MAC I - Mission Critical Classified)

Finding ID	Severity	Title	Description
V-81423	High	XenDesktop License Server must implement cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by alternative physical safeguards, such as, at a minimum, a Protected Distribution Systems (PDS).	Encrypting information for transmission protects information from unauthorized disclosure and modification. Cryptographic mechanisms implemented to protect information integrity include, for...
V-81413	High	XenDesktop License Server must implement DoD-approved encryption to protect the confidentiality of remote access sessions.	Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Remote access is access to DoD nonpublic information...
V-81425	Medium	XenDesktop License Server must maintain the confidentiality and integrity of information during reception.	Information can be unintentionally or maliciously disclosed or modified during reception including, for example, during aggregation, at protocol transformation points, and during...
V-81421	Medium	XenDesktop License Server must protect the confidentiality and integrity of transmitted information.	Without protection of the transmitted information, confidentiality and integrity may be compromised since unprotected communications can be intercepted and read or altered. This requirement...
V-81417	Medium	XenDesktop License Server must protect the authenticity of communications sessions.	Authenticity protection provides protection against man-in-the-middle attacks/session hijacking and the insertion of false information into sessions. Application communication sessions are...
V-81415	Medium	XenDesktop License Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.	Without the capability to restrict which roles and individuals can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured...
V-81419	Medium	XenDesktop License Server must prohibit the use of cached authenticators after an organization-defined time period.	If cached authentication information is out of date, the validity of the authentication information may be questionable.