SV-74629r1_rule
V-60199
SRG-APP-000353-NDM-000292
F5BI-DM-000189
CAT II
10
Configure the BIG-IP appliance to use a properly configured authentication server to provide the capability for organization-identified individuals or roles be assigned to change the auditing to be performed based on all selectable event criteria within near-real-time.
Verify the BIG-IP appliance is configured to only allow organization-identified individuals or roles to change the auditing to be performed based on all selectable event criteria within near-real-time.
Navigate to the BIG-IP System manager >> System >> Users >> Authentication.
Verify that "User Directory" is set to an approved authentication server that assigns authenticated users to an appropriate group.
Navigate to System >> Users >> Remote Role Groups.
Verify Remote Role Groups are assigned proper Role Access and Partition Access.
If the BIG-IP appliance is not configured to provide the capability for organization-identified individuals or roles to change the auditing to be performed based on all selectable event criteria within near-real-time, this is a finding.
V-60199
False
F5BI-DM-000189
Verify the BIG-IP appliance is configured to only allow organization-identified individuals or roles to change the auditing to be performed based on all selectable event criteria within near-real-time.
Navigate to the BIG-IP System manager >> System >> Users >> Authentication.
Verify that "User Directory" is set to an approved authentication server that assigns authenticated users to an appropriate group.
Navigate to System >> Users >> Remote Role Groups.
Verify Remote Role Groups are assigned proper Role Access and Partition Access.
If the BIG-IP appliance is not configured to provide the capability for organization-identified individuals or roles to change the auditing to be performed based on all selectable event criteria within near-real-time, this is a finding.
M
2845