The AAA server is not configured with a unique key to be used for communication (i.e. RADIUS, TACACS+) with any client requesting authentication services.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-17844	NET0437	SV-19119r1_rule	ECSC-1	Low

Description
Using standardized authentication protocols such as RADIUS, TACACS+, and Kerberos, an authentication server provides centralized and robust authentication services for the management of network components. An authentication server is very scalable as it supports many user accounts and authentication sessions with the network components. It is critical that the AAA server’s operating system is secured and other methods are used to ensure that the server is not compromised.

Description

Using standardized authentication protocols such as RADIUS, TACACS+, and Kerberos, an authentication server provides centralized and robust authentication services for the management of network components. An authentication server is very scalable as it supports many user accounts and authentication sessions with the network components. It is critical that the AAA server’s operating system is secured and other methods are used to ensure that the server is not compromised.

STIG	Date
Network Devices Security Technical Implementation Guide	2018-11-27

Details

Check Text ( C-19335r1_chk )
Interview the IAO and administrator to determine if unique keys have been configured.

Fix Text (F-17781r1_fix)
Configure each AAA server with a unique key to be used for communication (i.e. RADIUS, TACACS+) with any client requesting authentication services.