UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Symantec ProxySG providing user authentication intermediary services must use multifactor authentication for network access to nonprivileged accounts.


Overview

Finding ID Version Rule ID IA Controls Severity
V-94289 SYMP-AG-000370 SV-104243r1_rule Medium
Description
To assure accountability and prevent unauthenticated access, nonprivileged users must use multifactor authentication to prevent potential misuse and compromise of the system. Multifactor authentication uses two or more factors to achieve authentication. Factors include: 1. Something you know (e.g., password/PIN) 2. Something you have (e.g., cryptographic, identification device, token) 3. Something you are (e.g., biometric) Nonprivileged accounts are not authorized access to the network element regardless of access method. Network access is any access to an application by a user (or process acting on behalf of a user) where the access is obtained through a network connection. Authenticating with a PKI credential and entering the associated PIN is an example of multifactor authentication.
STIG Date
Symantec ProxySG ALG Security Technical Implementation Guide 2019-05-21

Details

Check Text ( C-93475r1_chk )
Verify that a DoD-approved authentication server that uses multifactor authentication is configured.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication.

If Symantec ProxySG providing user authentication intermediary services does not use multifactor authentication for network access to nonprivileged accounts, this is a finding.
Fix Text (F-100405r1_fix)
Configure a DoD-approved authentication server that uses multifactor authentication.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication >> Windows Domain.
3. Click "Add New Domain" and follow prompts to join the Windows Domain.