STIGQter STIGQter: STIG Summary: Palo Alto Networks NDM Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

If multifactor authentication is not available and passwords must be used, the Palo Alto Networks security platform must enforce a minimum 15-character password length.

DISA Rule

SV-77213r1_rule

Vulnerability Number

V-62723

Group Title

SRG-APP-000164-NDM-000252

Rule Version

PANW-NM-000053

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Go to Device >> Setup >> Management
In the "Minimum Password Complexity" window, select the "Edit" icon (the gear symbol in the upper-right corner of the pane).
In the "Minimum Length" field, enter "15".
Check the "Enabled" box, then select "OK".
Commit changes by selecting "Commit" in the upper-right corner of the screen.
Select "OK" when the confirmation dialog appears.

Check Contents

Go to Device >> Setup >> Management
View the "Minimum Password Complexity" window.
If the "Minimum Length" field is not "15", this is a finding.

Vulnerability Number

V-62723

Documentable

False

Rule Version

PANW-NM-000053

Severity Override Guidance

Go to Device >> Setup >> Management
View the "Minimum Password Complexity" window.
If the "Minimum Length" field is not "15", this is a finding.

Check Content Reference

M

Target Key

2811

Comments