STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:

Symantec ProxySG providing user authentication intermediary services must use multifactor authentication for network access to nonprivileged accounts.

DISA Rule

SV-104243r1_rule

Vulnerability Number

V-94289

Group Title

SRG-NET-000140-ALG-000094

Rule Version

SYMP-AG-000370

Severity

CAT II

CCI(s)

• CCI-000766 - The information system implements multifactor authentication for network access to non-privileged accounts.

Weight

10

Fix Recommendation

Configure a DoD-approved authentication server that uses multifactor authentication.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication >> Windows Domain.
3. Click "Add New Domain" and follow prompts to join the Windows Domain.

Check Contents

Verify that a DoD-approved authentication server that uses multifactor authentication is configured.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication.

If Symantec ProxySG providing user authentication intermediary services does not use multifactor authentication for network access to nonprivileged accounts, this is a finding.

Vulnerability Number

V-94289

Documentable

False

Rule Version

SYMP-AG-000370

Severity Override Guidance

Verify that a DoD-approved authentication server that uses multifactor authentication is configured.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication.

If Symantec ProxySG providing user authentication intermediary services does not use multifactor authentication for network access to nonprivileged accounts, this is a finding.

Check Content Reference

M

Target Key

3515

Comments