STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:

Symantec ProxySG must fail to a secure state upon failure of initialization, shutdown, or abort actions.

DISA Rule

SV-104269r1_rule

Vulnerability Number

V-94315

Group Title

SRG-NET-000235-ALG-000118

Rule Version

SYMP-AG-000510

Severity

CAT II

CCI(s)

• CCI-001190 - The information system fails to an organization-defined known-state for organization-defined types of failures.

Weight

10

Fix Recommendation

Configure the transparent, physically in-line hardware ProxySG appliance to fail securely in the event of failures of initialization, shutdown, or abort actions.

1. Browse to Configuration >> Network >> Adapters >> Bridges.
2. Select the appropriate bridge-pair (whichever is in use) and click "Edit".
3. Select the "fail-closed" radio button and click "Apply".

Check Contents

Verify that the transparent, physically in-line hardware ProxySG appliance is configured to fail securely in the event of failures of initialization, shutdown, or abort actions.

1. Browse to Configuration >> Network >> Adapters >> Bridges.
2. Select the appropriate bridge-pair (whichever is in use) and click "Edit".
3. Verify that the "fail-closed" radio button is selected.

If the "failed-closed" radio button is not selected, this is a finding.

Vulnerability Number

V-94315

Documentable

False

Rule Version

SYMP-AG-000510

Severity Override Guidance

Verify that the transparent, physically in-line hardware ProxySG appliance is configured to fail securely in the event of failures of initialization, shutdown, or abort actions.

1. Browse to Configuration >> Network >> Adapters >> Bridges.
2. Select the appropriate bridge-pair (whichever is in use) and click "Edit".
3. Verify that the "fail-closed" radio button is selected.

If the "failed-closed" radio button is not selected, this is a finding.

Check Content Reference

M

Target Key

3515

Comments