STIGQter STIGQter: STIG Summary: Symantec ProxySG NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020: Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used.

DISA Rule

SV-104529r1_rule

Vulnerability Number

V-94699

Group Title

SRG-APP-000395-NDM-000310

Rule Version

SYMP-NM-000240

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Enable only SNMPv3 (which supports authentication) on the Symantec ProxySG.

1. Log on to the Web Management Console.
2. Click Maintenance >> SNMP.
3. Uncheck "Enable SNMPv1" and "Enable SNMPv2c" and check "Enable SNMPv3".
4. Click on "SNMPv3 Users", click "New" and enter the desired username, credentials, and authorization settings, click "OK".
5. Click "SNMPv3 Traps", click "New", enter the IP address/FQDN for the SNMP receiver.
6. Click "OK", click "Apply".

Check Contents

Verify only SNMPv3 (which supports authentication) is configured on the Symantec ProxySG.

1. Log on to the Web Management Console.
2. Click Maintenance >> SNMP.
3. Ensure that only "Enable SNMPv3" is checked.
4. Click on "SNMPv3 Users" and ensure that a user exists in the list.

If SNMPv3 (which supports authentication) is not configured or is not the only one configured on the Symantec ProxySG, this is a finding.

Vulnerability Number

V-94699

Documentable

False

Rule Version

SYMP-NM-000240

Severity Override Guidance

Verify only SNMPv3 (which supports authentication) is configured on the Symantec ProxySG.

1. Log on to the Web Management Console.
2. Click Maintenance >> SNMP.
3. Ensure that only "Enable SNMPv3" is checked.
4. Click on "SNMPv3 Users" and ensure that a user exists in the list.

If SNMPv3 (which supports authentication) is not configured or is not the only one configured on the Symantec ProxySG, this is a finding.

Check Content Reference

M

Target Key

3517

Comments