User control of proxy settings must be disabled.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-235719	EDGE-00-000001	SV-235719r960804_rule		Low

Description
This action configures the proxy settings for Microsoft Edge. If this policy is enabled, Microsoft Edge ignores all proxy-related options specified from the command line. If this policy is not configured, users can choose their own proxy settings. This policy overrides the following individual policies: - ProxyMode - ProxyPacUrl - ProxyServer - ProxyBypassList Setting the ProxySettings policy accepts the following fields: - ProxyMode, which allows for the proxy server used by Microsoft Edge to be specified and prevents users from changing proxy settings. - ProxyPacUrl, a URL to a proxy .pac file. - ProxyServer, a URL for the proxy server. - ProxyBypassList, a list of proxy hosts that Microsoft Edge bypasses. For ProxyMode, the following values have the noted impact: - direct, a proxy is never used and all other fields are ignored. - system, the system's proxy is used and all other fields are ignored. - auto_detect, all other fields are ignored. - fixed_servers, the ProxyServer and ProxyBypassList fields are used. - pac_script, the ProxyPacUrl and ProxyBypassList fields are used.

Description

This action configures the proxy settings for Microsoft Edge. If this policy is enabled, Microsoft Edge ignores all proxy-related options specified from the command line. If this policy is not configured, users can choose their own proxy settings. This policy overrides the following individual policies: - ProxyMode - ProxyPacUrl - ProxyServer - ProxyBypassList Setting the ProxySettings policy accepts the following fields: - ProxyMode, which allows for the proxy server used by Microsoft Edge to be specified and prevents users from changing proxy settings. - ProxyPacUrl, a URL to a proxy .pac file. - ProxyServer, a URL for the proxy server. - ProxyBypassList, a list of proxy hosts that Microsoft Edge bypasses. For ProxyMode, the following values have the noted impact: - direct, a proxy is never used and all other fields are ignored. - system, the system's proxy is used and all other fields are ignored. - auto_detect, all other fields are ignored. - fixed_servers, the ProxyServer and ProxyBypassList fields are used. - pac_script, the ProxyPacUrl and ProxyBypassList fields are used.

STIG	Date
Microsoft Edge Security Technical Implementation Guide	2024-06-10

Details

Check Text ( C-38938r862944_chk )
The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Proxy server/Proxy Settings" must be set to one of the following options: "ProxyMode", "ProxyPacUrl", "ProxyServer", or "ProxyBypassList". If "ProxyMode" is used, one of the following must be set: "direct", "system", "auto_detect", "fixed_servers", or "pac_script". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the REG_SZ value for "ProxySettings" is not set to one of the above selections, this is a finding.

Check Text ( C-38938r862944_chk )

The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Proxy server/Proxy Settings" must be set to one of the following options: "ProxyMode", "ProxyPacUrl", "ProxyServer", or "ProxyBypassList".

If "ProxyMode" is used, one of the following must be set: "direct", "system", "auto_detect", "fixed_servers", or "pac_script".

Use the Windows Registry Editor to navigate to the following key:
HKLM\SOFTWARE\Policies\Microsoft\Edge

If the REG_SZ value for "ProxySettings" is not set to one of the above selections, this is a finding.

Fix Text (F-38901r917468_fix)
Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Proxy server/Proxy Settings" to "ProxyMode", "ProxyPacUrl", "ProxyServer", or "ProxyBypassList". If "ProxyMode" is selected, one of the following must also be set: "direct", "system", "auto_detect", "fixed_servers", or "pac_script". Example policy text: SOFTWARE\Policies\Microsoft\Edge\ProxySettings = { "ProxyBypassList": "https://www.example1.com,https://www.example2.com,https://internalsite/", "ProxyMode": "pac_script", "ProxyPacMandatory": false, "ProxyPacUrl": "https://internal.site/example.pac", "ProxyServer": "123.123.123.123:8080" }

Fix Text (F-38901r917468_fix)

Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Proxy server/Proxy Settings" to "ProxyMode", "ProxyPacUrl", "ProxyServer", or "ProxyBypassList".

If "ProxyMode" is selected, one of the following must also be set: "direct", "system", "auto_detect", "fixed_servers", or "pac_script".

Example policy text:
SOFTWARE\Policies\Microsoft\Edge\ProxySettings = {
"ProxyBypassList": "https://www.example1.com,https://www.example2.com,https://internalsite/",
"ProxyMode": "pac_script",
"ProxyPacMandatory": false,
"ProxyPacUrl": "https://internal.site/example.pac",
"ProxyServer": "123.123.123.123:8080"
}