Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
An HIDS has not been implemented on the AAA server
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-17845 | NET0438 | SV-19120r1_rule | ECID-1 | Medium |
| Description |
|---|
| Using standardized authentication protocols such as RADIUS, TACACS+, and Kerberos, an authentication server provides centralized and robust authentication services for the management of network components. An authentication server is very scalable as it supports many user accounts and authentication sessions with the network components. It is critical that the AAA server’s operating system is secured and other methods are used to ensure that the server is not compromised. |
| STIG | Date |
|---|---|
| Network Devices Security Technical Implementation Guide | 2015-09-22 |
Details
| Check Text ( C-19336r1_chk ) |
|---|
| Interview the IAO and AAA administrator to determine if the server is compliant. Have the administrator provide a demonstration of the HIDS capability to ensure that it is configured and in operation. |
| Fix Text (F-17782r1_fix) |
|---|
| Implement an HIDS on the AAA server. |