STIGQter STIGQter: STIG Summary: Juniper SRX SG NDM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The Juniper SRX Services Gateway must be configured to use an authentication server to centrally apply authentication and logon settings for remote and nonlocal access for device management.

DISA Rule

SV-229024r518250_rule

Vulnerability Number

V-229024

Group Title

SRG-APP-000516-NDM-000317

Rule Version

JUSX-DM-000096

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Juniper SRX to support the use of AAA services to centrally apply user authentication and logon settings.

[edit]
set system tacplus-server address <server ipaddress> port 1812 secret <shared secret>

or

[edit]
set system radius-server address <server ipaddress> port 1812 secret <shared secret>

Check Contents

Verify the Juniper SRX is configured to support the use of AAA services to centrally apply user authentication and logon settings.

From the CLI operational mode enter:
show system radius-server
or
show system tacplus-server

If the Juniper SRX has not been configured to support the use of RADIUS and/or TACACS+ servers to centrally apply authentication and logon settings for remote and nonlocal access, this is a finding.

Vulnerability Number

V-229024

Documentable

False

Rule Version

JUSX-DM-000096

Severity Override Guidance

Verify the Juniper SRX is configured to support the use of AAA services to centrally apply user authentication and logon settings.

From the CLI operational mode enter:
show system radius-server
or
show system tacplus-server

If the Juniper SRX has not been configured to support the use of RADIUS and/or TACACS+ servers to centrally apply authentication and logon settings for remote and nonlocal access, this is a finding.

Check Content Reference

M

Target Key

4098

Comments