STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide, Version: 1, Release: 3, Benchmark Date: 24 Apr 2020

Symantec ProxySG, when configured for reverse proxy/WAF services and providing PKI-based user authentication intermediary services, must map the client certificate to the authentication server store.

DISA Rule

SV-104249r1_rule

Vulnerability Number

V-94295

Group Title

SRG-NET-000166-ALG-000101

Rule Version

SYMP-AG-000410

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the ProxySG to map PKI user credentials to user identities in a reverse proxy configuration.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Services >> Proxy Services.
3. Click each HTTPS Reverse Proxy service and click "Edit Service".
4. Check the "Verify Client" option and click "Apply".
5. Configure all remaining options in accordance with the site's SSP.

Check Contents

Verify that PKI user credentials map identities to the user account name in a reverse proxy configuration.

1. Log on to the Web Management Console.
2. Browse to Configuration >> Services >> Proxy Services.
3. Click each HTTPS Reverse Proxy service and click "Edit Service".
4. Verify that "Verify Client" is checked. Verify that all remaining options are in accordance with the site's SSP.

If Symantec ProxySG, when configured for reverse proxy/WAF services and providing PKI-based user authentication intermediary services, does not map the client certificate to the authentication server store, this is a finding.

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

3515

Comments