UCF STIG Viewer Logo

F5 BIG-IP Advanced Firewall Manager 11.x Security Technical Implementation Guide


Overview

Date Finding Count (5)
2015-06-02 CAT I (High): 1 CAT II (Med): 4 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-59921 High The BIG-IP AFM module must be configured to restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.
V-59923 Medium The BIG-IP AFM module must be configured to produce audit records containing information to establish what type of events occurred.
V-59927 Medium The BIG-IP AFM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.
V-59917 Medium The BIG-IP AFM module must be configured to enforce approved authorizations for controlling the flow of information within the network based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.
V-59925 Medium The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations.