Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The BIG-IP appliance must be configured to dynamically manage user accounts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-60213 | F5BI-DM-000227 | SV-74643r1_rule | Medium |
| Description |
|---|
| Dynamic user account management prevents disruption of operations by minimizing the need for system restarts. Dynamic establishment of new user accounts will occur while the system is operational. New user accounts or changes to existing user accounts must take effect without the need for a system or session restart. Pre-established trust relationships and mechanisms with appropriate authorities (e.g., Active Directory or authentication server) that validate each user account are essential to prevent unauthorized access by changed or revoked accounts. |
| STIG | Date |
|---|---|
| F5 BIG-IP Device Management 11.x Security Technical Implementation Guide | 2019-10-01 |
Details
| Check Text ( C-61131r1_chk ) |
|---|
| Verify the BIG-IP appliance is configured to use a properly configured authentication server that dynamically manages user accounts. Navigate to the BIG-IP System manager >> System >> Users >> Authentication. Verify that "User Directory" is set to an approved authentication server type that is configured to dynamically manage user accounts. If the BIG-IP appliance is not configured to use a properly configured authentication server to dynamically manage user accounts, this is a finding. |
| Fix Text (F-65829r1_fix) |
|---|
| Configure the BIG-IP appliance to use a properly configured authentication server to dynamically manage user accounts. |