Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-60051 | F5BI-AP-000197 | SV-74481r1_rule | Medium |
Description |
---|
The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under HSPD-12, as well as a primary component of layered protection for national security systems. This requirement applies to ALGs that provide user authentication intermediary services. |
STIG | Date |
---|---|
F5 BIG-IP Access Policy Manager 11.x Security Technical Implementation Guide | 2015-06-02 |
Check Text ( C-60731r1_chk ) |
---|
If the BIG-IP APM module does not provide user authentication intermediary services, this is not applicable. Verify the BIG-IP APM module is configured as follows: Navigate to the BIG-IP System manager >> Access Policy >> Access Profiles. Click "Edit..." in the "Access Policy" column for an Access Profile used for user authentication. Verify the Access Profile is configured to accept Personal Identity Verification (PIV) credentials when providing user authentication. If the BIG-IP APM module is not configured to accept Personal Identity Verification (PIV) credentials, this is a finding. |
Fix Text (F-65461r1_fix) |
---|
If user authentication intermediary services are provided, configure an access policy in the BIG-IP APM module to accept Personal Identity Verification (PIV) credentials. |