UCF STIG Viewer Logo

Sun Ray 4 STIG


Date Finding Count (29)
2015-04-02 CAT I (High): 4 CAT II (Med): 21 CAT III (Low): 4
STIG Description
The Sun Ray 4 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles

Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-16151 High The Security Mode is not configured to “Hard” on the Sun Ray server.
V-16071 High Default administrator account is used to access the administration tool.
V-16072 High Unauthorized users have access to the Sun Ray administration tool.
V-16064 High Self-registration is permitted for users.
V-16157 Medium The Sun Ray server does not record log files.
V-16155 Medium A failover group signature is not configured on all Sun Ray servers in the failover group.
V-16153 Medium The Sun Ray system is not configured for high availability.
V-16145 Medium The Sun Ray server console administration sessions are not encrypted.
V-16075 Medium Sun Ray Server administrator session default timeout is used.
V-16159 Medium The Sun Ray audit logs are not retained for a minimum of one year.
V-16158 Medium The Sun Ray server logs are more permissive than 640.
V-16379 Medium There is no documented baseline of the default setuid and setgid files.
V-16351 Medium Administrative password is not configured for Desktop Units.
V-16083 Medium Sun Ray Desktop Units firmware is not at the minimum version.
V-16395 Medium Sun Ray Server is not properly registered in VMS or database.
V-16394 Medium The Sun Management Center does not monitor daemons, failover groups, and interconnects.
V-16146 Medium Sun Ray Desktop Unit to server communication is not encrypted.
V-16396 Medium Sun Ray servers are not configured with the correct posture in VMS.
V-16143 Medium USB ports are not disabled for all Sun Ray Desktop Units. This requirement excludes the keyboard and mouse.
V-16100 Medium Sun Ray Server software patches are not tested in a development environment first before deploying to production.
V-16061 Medium Sun Ray Desktop Unit traffic is not isolated logically through the use of a dedicated VLAN or network segment.
V-16103 Medium The Sun Ray server software is not current with the latest available patches.
V-16148 Medium Server Authentication is not configured on the Sun Ray server.
V-17455 Medium The Sun Ray Session Server (SRSS) is not located in a DMZ or screened subnet.
V-16349 Medium The Sun Ray system backups are not performed in accordance with the assigned MAC level.
V-16063 Low Users kiosk mode timeout is configured with no value.
V-16393 Low Sun Ray server does not send logs to syslog server.
V-16062 Low User tokens are not forced to authenticate to the Sun Ray Server.
V-16354 Low Sun Ray Desktop Units are not assigned with DHCP reserved IP addresses.