STIGQter: STIG Summary: F5 BIG-IP Device Management 11.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The BIG-IP appliance must be configured to generate alerts that can be forwarded to the administrators and Information System Security Officer (ISSO) when accounts are modified.

DISA Rule

SV-228996r557520_rule

Vulnerability Number

V-228996

Group Title

SRG-APP-000516-NDM-000317

Rule Version

F5BI-DM-000157

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.
CCI-001684 - The information system notifies organization-defined personnel or roles for account modification actions.

Weight

Fix Recommendation

Configure the BIG-IP appliance to use a properly configured authentication server to send a notification message to the administrators and ISSO when accounts are modified.

Check Contents

Verify the BIG-IP appliance is configured to use a properly configured authentication server that generates alerts that can be forwarded to the administrators and ISSO when accounts are modified.

Navigate to the BIG-IP System manager >> System >> Users >> Authentication.

Verify that "User Directory" is set to an approved authentication server type that generates alerts that can be forwarded to the administrators and ISSO when accounts are modified.

If the BIG-IP appliance is not configured to use an authentication server that would perform this function, this is a finding.

The BIG-IP appliance must be configured to generate alerts that can be forwarded to the administrators and Information System Security Officer (ISSO) when accounts are modified.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments