STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015: STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015:SV-68781r1_rule
V-54535
SRG-NET-000169-ALG-000102
SRG-NET-000169-ALG-000102
CAT II
10
If user authentication intermediary services are provided, configure ALG to uniquely identify and authenticate non-organizational users or processes acting on behalf of non-organizational users.
If intermediary services are not provided to non-organizational users, this is not applicable.
If the ALG does not provide user authentication intermediary services, this is not applicable.
Review the ALG authentication functions. Verify identification and authentication is required for non-organizational users.
Examine the policy filters to verify a rule exists to deny access to unauthenticated, non-organizational users.
If the ALG does not uniquely identify and authenticate non-organizational users or processes acting on behalf of non-organizational users, this is a finding.
V-54535
False
SRG-NET-000169-ALG-000102
If intermediary services are not provided to non-organizational users, this is not applicable.
If the ALG does not provide user authentication intermediary services, this is not applicable.
Review the ALG authentication functions. Verify identification and authentication is required for non-organizational users.
Examine the policy filters to verify a rule exists to deny access to unauthenticated, non-organizational users.
If the ALG does not uniquely identify and authenticate non-organizational users or processes acting on behalf of non-organizational users, this is a finding.
M
2489