STIGQter: STIG Summary: Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 25 Oct 2019:

Riverbed Optimization System (RiOS) must enforce the limit of three (3) consecutive invalid logon attempts by a user during a 15-minute time period for device console access.

DISA Rule

SV-77349r1_rule

Vulnerability Number

V-62859

Group Title

SRG-APP-000065-NDM-000214

Rule Version

RICX-DM-000024

Severity

CAT II

CCI(s)

CCI-000044 - The information system enforces the organization-defined limit of consecutive invalid logon attempts by a user during the organization-defined time period.

Weight

Fix Recommendation

Configure RiOS to limit the number of invalid logon attempts to 3 during a 15 minute period.

Login to the device console to access the command line interface (CLI)

Type: enable
Type: conf t
Type: authentication policy template strong
Scroll down to "Maximum unsuccessful logins before account lockout:" and type "3"
Under "Wait before account unlock:" and type "900" Seconds
Type: write memory

Check Contents

Verify that RiOS is configured to limit the number of invalid logon attempts during a 15 minute period to 3.

Login to the device console to access the command line interface (CLI)

Type: show authentication policy

Verify that "Maximum unsuccessful logins before account lockout:" is set to "3"
Verify that "Wait before account unlock:" is set to "900" seconds

If "Maximum unsuccessful logins before account lockout" is not set to "3" and/or "Wait before account unlock" is not set to "900" seconds, this is a finding.

Riverbed Optimization System (RiOS) must enforce the limit of three (3) consecutive invalid logon attempts by a user during a 15-minute time period for device console access.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments