STIGQter: STIG Summary: Symantec ProxySG ALG Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:

Symantec ProxySG must fail securely in the event of an operational failure.

DISA Rule

SV-104279r1_rule

Vulnerability Number

V-94325

Group Title

SRG-NET-000365-ALG-000123

Rule Version

SYMP-AG-000560

Severity

CAT II

CCI(s)

• CCI-001126 - The information system fails securely in the event of an operational failure of a boundary protection device.

Weight

10

Fix Recommendation

Configure the transparent, physically in-line hardware ProxySG appliance to fail securely in the event of an operational failure.

1. Browse to Configuration >> Network >> Adapters >> Bridges.
2. Select the appropriate bridge-pair (whichever is in use) and click "Edit".
3. Select the "fail-closed" radio button and click "Apply".

Check Contents

Verify that the transparent, physically in-line hardware ProxySG appliance is configured to fail securely in the event of an operational failure.

1. Browse to Configuration >> Network >> Adapters >> Bridges.
2. Select the appropriate bridge-pair (whichever is in use) and click "Edit".
3. Verify that the "fail-closed" radio button is selected.

If the "fail-closed" radio button is not selected, this is a finding.

Vulnerability Number

V-94325

Documentable

False

Rule Version

SYMP-AG-000560

Severity Override Guidance

Verify that the transparent, physically in-line hardware ProxySG appliance is configured to fail securely in the event of an operational failure.

1. Browse to Configuration >> Network >> Adapters >> Bridges.
2. Select the appropriate bridge-pair (whichever is in use) and click "Edit".
3. Verify that the "fail-closed" radio button is selected.

If the "fail-closed" radio button is not selected, this is a finding.

Check Content Reference

M

Target Key

3515

Comments