STIGQter: STIG Summary: F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-215738r557356_rule
V-215738
SRG-NET-000015-ALG-000016
F5BI-LT-000003
CAT II
10
If user access control intermediary services are provided, configure the BIG-IP Core as follows:
Configure a policy in the BIG-IP APM module to enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies.
Apply the APM policy to the applicable Virtual Server(s) in the BIG-IP LTM module to enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies.
If the BIG-IP Core does not provide user access control intermediary services for virtual servers, this is not applicable.
When user access control intermediary services are provided, verify the BIG-IP Core is configured as follows:
Verify Virtual Server(s) in the BIG-IP LTM module are configured with an APM policy to enforce approved authorizations for logical access to information and system resources employing identity-based, role-based, and/or attribute-based security policies.
Navigate to the BIG-IP System manager >> Local Traffic >> Virtual Servers >> Virtual Servers List tab.
Select Virtual Servers(s) from the list to verify.
Verify under "Access Policy" section, that "Access Policy" has been set to use an access policy to enforce approved authorizations for logical access to information.
If the BIG-IP Core is not configured to enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies, this is a finding.
V-215738
False
F5BI-LT-000003
If the BIG-IP Core does not provide user access control intermediary services for virtual servers, this is not applicable.
When user access control intermediary services are provided, verify the BIG-IP Core is configured as follows:
Verify Virtual Server(s) in the BIG-IP LTM module are configured with an APM policy to enforce approved authorizations for logical access to information and system resources employing identity-based, role-based, and/or attribute-based security policies.
Navigate to the BIG-IP System manager >> Local Traffic >> Virtual Servers >> Virtual Servers List tab.
Select Virtual Servers(s) from the list to verify.
Verify under "Access Policy" section, that "Access Policy" has been set to use an access policy to enforce approved authorizations for logical access to information.
If the BIG-IP Core is not configured to enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies, this is a finding.
M
4019