STIGQter: STIG Summary: F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: F5 BIG-IP Local Traffic Manager 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-215778r557356_rule
V-215778
SRG-NET-000319-ALG-000153
F5BI-LT-000167
CAT II
10
If the BIG-IP Core performs content filtering as part of the traffic management functionality, configure the BIG-IP Core as follows:
Configure a policy in the BIG-IP ASM module to detect code injection attacks being launched against application objects, including, at a minimum, application URLs and application code.
Apply ASM policy to the applicable Virtual Server(s) in BIG-IP LTM module to detect code injection attacks being launched against application objects, including, at a minimum, application URLs and application code, when providing content filtering to virtual servers.
If the BIG-IP Core does not perform content filtering as part of the traffic management functionality for virtual servers, this is not applicable.
When content filtering is performed as part of the traffic management functionality, verify the BIG-IP Core is configured as follows:
Verify Virtual Server(s) in the BIG-IP LTM module are configured with an ASM policy to detect code injection attacks being launched against application objects, including, at a minimum, application URLs and application code.
Navigate to the BIG-IP System manager >> Local Traffic >> Virtual Servers >> Virtual Servers List tab.
Select Virtual Servers(s) from the list to verify.
Navigate to the Security >> Policies tab.
Verify that "Application Security Policy" is Enabled and "Policy" is set to detect code injection attacks being launched against application objects, including, at a minimum, application URLs and application code, when providing content filtering to virtual servers.
If the BIG-IP Core is not configured to detect code injection attacks from being launched against application objects, including, at a minimum, application URLs and application code, this is a finding.
V-215778
False
F5BI-LT-000167
If the BIG-IP Core does not perform content filtering as part of the traffic management functionality for virtual servers, this is not applicable.
When content filtering is performed as part of the traffic management functionality, verify the BIG-IP Core is configured as follows:
Verify Virtual Server(s) in the BIG-IP LTM module are configured with an ASM policy to detect code injection attacks being launched against application objects, including, at a minimum, application URLs and application code.
Navigate to the BIG-IP System manager >> Local Traffic >> Virtual Servers >> Virtual Servers List tab.
Select Virtual Servers(s) from the list to verify.
Navigate to the Security >> Policies tab.
Verify that "Application Security Policy" is Enabled and "Policy" is set to detect code injection attacks being launched against application objects, including, at a minimum, application URLs and application code, when providing content filtering to virtual servers.
If the BIG-IP Core is not configured to detect code injection attacks from being launched against application objects, including, at a minimum, application URLs and application code, this is a finding.
M
4019