STIGQter STIGQter: STIG Summary: Symantec ProxySG NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

Symantec ProxySG must be configured to use only FIPS 140-2 approved algorithms for authentication to a cryptographic module with any application or protocol.

DISA Rule

SV-104537r1_rule

Vulnerability Number

V-94707

Group Title

SRG-APP-000179-NDM-000265

Rule Version

SYMP-NM-000280

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Configure the ProxySG to use only FIPS 140-2 approved algorithms.

1. Log on to the CLI via SSH.
2. Type "enable", press "Enter".
3. Type "configure", press "Enter".
4. Type "management services", press "Enter".
5. Type "edit https-console", press "Enter".
6. Type "attribute cipher-suite", press "Enter".
7. From the list displayed, enter a list of cipher numbers (comma separated) that correspond to only FIPS 140-2 approved algorithms.

Check Contents

Verify only FIPS 140-2 approved algorithms are used.

1. Log on to the CLI via SSH.
2. Type "show management services", press "Enter".
3. Ensure that the "Cipher Suite" attribute contains only FIPS 140-2 approved algorithms.

If Symantec ProxySG is not configured to use FIPS 140-2 approved algorithms for authentication to a cryptographic module for any protocol or application, this is a finding.

Vulnerability Number

V-94707

Documentable

False

Rule Version

SYMP-NM-000280

Severity Override Guidance

Verify only FIPS 140-2 approved algorithms are used.

1. Log on to the CLI via SSH.
2. Type "show management services", press "Enter".
3. Ensure that the "Cipher Suite" attribute contains only FIPS 140-2 approved algorithms.

If Symantec ProxySG is not configured to use FIPS 140-2 approved algorithms for authentication to a cryptographic module for any protocol or application, this is a finding.

Check Content Reference

M

Target Key

3517

Comments