Infoblox systems must be configured with current DoD password restrictions.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-214224	IDNS-7X-000990	SV-214224r612370_rule		High

Description
The Infoblox systems must be configured to meet current DoD password policy when using the Infoblox Local User Database as the authentication source.

STIG	Date
Infoblox 7.x DNS Security Technical Implementation Guide	2020-12-10

Details

Check Text ( C-15439r295935_chk )
Navigate to Administration >> Administrators >> Authentication Policy. If the only authentication type under "Authenticate users in this order" is "Local User Database", perform the following additional validation: Navigate to Grid >> Grid Manager >> Grid Properties >> Password tab. Verify the settings are configured in accordance with current DoD Policy. If the Infoblox system is configured to utilize a remote authentication system (Active Directory, RADIUS, TACACS+, or LDAP) which enforces policy, or the password settings meet current guidance this is not a finding.

Check Text ( C-15439r295935_chk )

Navigate to Administration >> Administrators >> Authentication Policy.

If the only authentication type under "Authenticate users in this order" is "Local User Database", perform the following additional validation:

Navigate to Grid >> Grid Manager >> Grid Properties >> Password tab.

Verify the settings are configured in accordance with current DoD Policy.

If the Infoblox system is configured to utilize a remote authentication system (Active Directory, RADIUS, TACACS+, or LDAP) which enforces policy, or the password settings meet current guidance this is not a finding.

Fix Text (F-15437r295936_fix)
Navigate to Grid >> Grid Manager >> Grid Properties >> Password tab. Configure the system with appropriate values for password length, complexity, and expiration requirements.