Riverbed Optimization System (RiOS) must obtain its public key certificates from an appropriate certificate policy through an approved service provider.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-62987 | RICX-DM-000138 | SV-77477r1_rule | Medium |
| Description |
|---|
| For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure cross-certified with the Federal Bridge Certification Authority at medium assurance or higher, this Certification Authority will suffice. |
| STIG | Date |
|---|---|
| Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide | 2019-10-01 |
Details
| Check Text ( C-63739r1_chk ) |
|---|
| Verify that RiOS is configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider. Navigate to the device Management Console Navigate to Configure >> Optimization >> Certificate Authorities Verify that DoD Root Certificates are listed on this page If no DoD Root CA Certificates are listed on this page, this is a finding. |
| Fix Text (F-68905r1_fix) |
|---|
| Configure RiOS to use public key certificates from an appropriate certificate policy through an approved service provider. Navigate to the device Management Console Navigate to Configure >> Optimization >> Certificate Authorities Click "Add a New Certificate Authority" Select "Local File" and "Browse" Navigate to your local DoD CA Root Certificates and select a certificate Click "Add" Repeat Click "Add a New Certificate Authority" down to Click "Add" for each DoD Root Certificate Navigate to the top of the web page and click "Save" to save these settings permanently |