STIGQter: STIG Summary: F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-215777r557356_rule
V-215777
SRG-NET-000319-ALG-000020
F5BI-LT-000165
CAT II
10
If the BIG-IP Core performs content filtering as part of the traffic management functionality, configure the BIG-IP Core as follows:
Configure a policy in the BIG-IP ASM module to detect SQL injection attacks being launched against data storage objects, including, at a minimum, databases, database records, and database fields.
Apply ASM policy to the applicable Virtual Server(s) in BIG-IP LTM module to detect SQL injection attacks being launched against data storage objects, including, at a minimum, databases, database records, and database fields.
If the BIG-IP Core does not perform content filtering as part of the traffic management functionality for virtual servers, this is not applicable.
When content filtering is performed as part of the traffic management functionality, verify the BIG-IP Core is configured as follows:
Verify Virtual Server(s) in the BIG-IP LTM module are configured with an ASM policy to detect SQL injection attacks being launched against data storage objects, including, at a minimum, databases, database records, and database fields.
Navigate to the BIG-IP System manager >> Local Traffic >> Virtual Servers >> Virtual Servers List tab.
Select Virtual Servers(s) from the list to verify.
Navigate to the Security >> Policies tab.
Verify that "Application Security Policy" is Enabled and "Policy" is set to detect SQL injection attacks being launched against data storage objects, including, at a minimum, databases, database records, and database fields.
If the BIG-IP Core is not configured to detect SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields, this is a finding.
V-215777
False
F5BI-LT-000165
If the BIG-IP Core does not perform content filtering as part of the traffic management functionality for virtual servers, this is not applicable.
When content filtering is performed as part of the traffic management functionality, verify the BIG-IP Core is configured as follows:
Verify Virtual Server(s) in the BIG-IP LTM module are configured with an ASM policy to detect SQL injection attacks being launched against data storage objects, including, at a minimum, databases, database records, and database fields.
Navigate to the BIG-IP System manager >> Local Traffic >> Virtual Servers >> Virtual Servers List tab.
Select Virtual Servers(s) from the list to verify.
Navigate to the Security >> Policies tab.
Verify that "Application Security Policy" is Enabled and "Policy" is set to detect SQL injection attacks being launched against data storage objects, including, at a minimum, databases, database records, and database fields.
If the BIG-IP Core is not configured to detect SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields, this is a finding.
M
4019