Citrix XenDesktop 7.x Delivery Controller Security Technical Implementation Guide

Quick Actions

We are continuing to improve Stigviewer and we are planning on rolling out new services in the near future. Would you like to be part of the conversation on what those features should be? If so, click here.

Featured Partners

Web page built by Cyber Protection Services

Check out our new AI-powered GRC tool here .
Compliance Dictionary

Standardizes and unifies compliance terms.

Overview

Version	Date	Finding Count (4)			Downloads
1	2020-03-27	CAT I (High): 1	CAT II (Medium): 3	CAT III (Low): 0	Excel JSON XML

Stig Description

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Classified	Public	Sensitive
I - Mission Critical Classified	I - Mission Critical Public	I - Mission Critical Sensitive	II - Mission Critical Classified	II - Mission Critical Public	II - Mission Critical Sensitive	III - Mission Critical Classified	III - Mission Critical Public	III - Mission Critical Sensitive

Findings - All

Finding ID	Severity	Title	Description
V-81409	High	Delivery Controller must implement NIST FIPS-validated cryptography for the following: to provision digital signatures; to generate cryptographic hashes; and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.	Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The application must implement cryptographic modules adhering to the higher standards approved by the Federal Government since this provides assurance they have been tested and validated.
V-81411	Medium	Delivery Controller must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.	Configuring the application to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across DoD that reflects the most restrictive security posture consistent with operational requirements. Configuration settings are the set of parameters that can be changed that affects the...
V-81407	Medium	Delivery Controller must be configured to disable non-essential capabilities.	It is detrimental for applications to provide or install by default functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. Applications are capable of providing a wide variety...
V-81403	Medium	Delivery Controller must limit the number of concurrent sessions to an organization-defined number for all accounts and/or account types.	Application management includes the ability to control the number of users and user sessions that utilize an application. Limiting the number of allowed users and sessions per user is helpful in limiting risks related to Denial-of-Service (DoS) attacks. This requirement may be met via the application or by using information...

STIG VIEWER