STIGQter STIGQter: STIG Summary: Palo Alto Networks NDM Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Palo Alto Networks security platform must enforce a 60-day maximum password lifetime restriction.

DISA Rule

SV-77231r1_rule

Vulnerability Number

V-62741

Group Title

SRG-APP-000174-NDM-000261

Rule Version

PANW-NM-000063

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Go to Device >> Setup >> Management
In the "Minimum Password Complexity" window, select the "Edit" icon (the gear symbol in the upper-right corner of the pane).
In the "Required Password Change Period (days)" field, enter "60".
Check the "Enabled box", then select "OK".
Commit changes by selecting "Commit" in the upper-right corner of the screen.
Select "OK" when the confirmation dialog appears.

Check Contents

Go to Device >> Setup >> Management
View the "Minimum Password Complexity" window.
If the "Required Password Change Period (days)" field is not "60", this is a finding.

Vulnerability Number

V-62741

Documentable

False

Rule Version

PANW-NM-000063

Severity Override Guidance

Go to Device >> Setup >> Management
View the "Minimum Password Complexity" window.
If the "Required Password Change Period (days)" field is not "60", this is a finding.

Check Content Reference

M

Target Key

2811

Comments