STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide, Version: 1, Release: 3, Benchmark Date: 24 Apr 2020

Symantec ProxySG must prohibit the use of cached authenticators after 300 seconds at a minimum.

DISA Rule

SV-104247r1_rule

Vulnerability Number

V-94293

Group Title

SRG-NET-000344-ALG-000098

Rule Version

SYMP-AG-000390

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Set credential cache lifetimes for LDAP, RADIUS, XML, IWA (with Basic credentials), SiteMinder, and COREid authentication methods.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication.
3. Click each of the above authentication mechanisms and select the "General" tab (e.g., Radius General or LDAP General).
4. Set the "Credential Refresh" time to 300 at a minimum.
5. Click "Apply".

Check Contents

Verify credential cache lifetimes for LDAP, RADIUS, XML, IWA (with Basic credentials), SiteMinder, and COREid authentication methods.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication.
3. Click each of the above authentication mechanisms and select the "General" tab (e.g., Radius General or LDAP General).
4. Verify that the "Credential Refresh" time is set to the organization-defined time period (a minimum of 300 seconds).

If Symantec ProxySG does not prohibit the use of cached authenticators after 300 seconds at a minimum, this is a finding.

Documentable

False

Severity Override Guidance

Verify credential cache lifetimes for LDAP, RADIUS, XML, IWA (with Basic credentials), SiteMinder, and COREid authentication methods.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Authentication.
3. Click each of the above authentication mechanisms and select the "General" tab (e.g., Radius General or LDAP General).
4. Verify that the "Credential Refresh" time is set to the organization-defined time period (a minimum of 300 seconds).

If Symantec ProxySG does not prohibit the use of cached authenticators after 300 seconds at a minimum, this is a finding.

Check Content Reference

M

Target Key

3515

Comments