UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The BIG-IP appliance must be configured to notify the administrator of changes to access and/or privilege parameters of the administrator account that occurred since the last logon.


Overview

Finding ID Version Rule ID IA Controls Severity
V-60119 F5BI-DM-000041 SV-74549r1_rule Medium
Description
Providing administrators with information regarding security-related changes to their account allows them to determine if any unauthorized activity has occurred. Changes to the account could be an indication of the account being compromised. Hence, without notification to the administrator, the compromise could go undetected if other controls were not in place to mitigate this risk.
STIG Date
F5 BIG-IP Device Management 11.x Security Technical Implementation Guide 2015-06-02

Details

Check Text ( C-60937r1_chk )
Verify the BIG-IP appliance is configured to use a properly configured authentication server that notifies the administrator of changes to access and/or privilege parameters of the administrator's account that occurred since the last logon.

Navigate to the BIG-IP System manager >> System >> Users >> Authentication.

Verify "Authentication: User Directory" is configured for an approved remote authentication server to notify the administrator of changes to access and/or privilege parameters of the administrator's account that occurred since the last logon.

If the BIG-IP appliance is not configured to use a properly configured authentication server that notifies the administrator of changes to access and/or privilege parameters of the administrator's account that occurred since the last logon, this is a finding.
Fix Text (F-65669r1_fix)
Configure the BIG-IP appliance to use a properly configured authentication server that notifies the administrator of changes to access and/or privilege parameters of the administrator's account that occurred since the last logon.