Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Symantec ProxySG must configure Web Management Console access restrictions to authorized IP address/ranges.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-94657 | SYMP-NM-000030 | SV-104487r1_rule | High |
| Description |
|---|
| It is important that administrative access (SSH, web) to an appliance using the account of last resort be able to be restricted to only the appropriate networks/subnets in order to reduce the likelihood of unauthorized access. |
| STIG | Date |
|---|---|
| Symantec ProxySG NDM Security Technical Implementation Guide | 2019-12-20 |
Details
| Check Text ( C-93847r1_chk ) |
|---|
| Verify console access using the account of last resort has been restricted to specific networks/subnets. 1. Log on to the Web Management Console. 2. Click >> Configuration >> Authentication >> Console Access. 3. Confirm that the correct networks/subnets are specified in the list. If there are no entries in the list, this is a finding. |
| Fix Text (F-100775r1_fix) |
|---|
| Configure console access using the account of last resort to specific networks/subnets. 1. Log on to the Web Management Console. 2. Click Configuration >> Authentication >> Console Access. 3. Click "New". 4. Enter the IP address and subnet mask for the desired network and click "OK". 5. Repeat step 4 until all desired networks have been added. 6. Click "Apply". |