STIGQter: STIG Summary: Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 25 Oct 2019:

Riverbed Optimization System (RiOS) must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.

DISA Rule

SV-77439r1_rule

Vulnerability Number

V-62949

Group Title

SRG-APP-000142-NDM-000245

Rule Version

RICX-DM-000096

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Configure RiOS to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services , as defined in the PPSM CAL and vulnerability assessments.

Navigate to the device Management Console
Navigate to Configure >> Security >> Management ACL
Click "Add a New Rule"
Set the values in "Management ACL Settings" to match requirements defined in the PPSM CAL and vulnerability assessments
Check the field "Enable Management ACL"
Click "Apply"
Navigate to the top of the web page and click "Save" to save these settings permanently

Check Contents

Verify that RiOS is configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services as defined in the PPSM CAL and vulnerability assessments.

Navigate to the device Management Console
Navigate to Configure >> Security >> Management ACL

Verify that this page contains all unnecessary and/or nonsecure functional, ports, protocols, and/or services as defined in the PPSM CAL and vulnerability assessments.
Verify that "Enable Management ACL" is checked.

If no PPSM CAL or vulnerability assessment information is presented on this page or "Enable Management ACL" is not checked, this is a finding.

Vulnerability Number

V-62949

Documentable

False

Rule Version

RICX-DM-000096

Severity Override Guidance

Verify that RiOS is configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services as defined in the PPSM CAL and vulnerability assessments.

Navigate to the device Management Console
Navigate to Configure >> Security >> Management ACL

Verify that this page contains all unnecessary and/or nonsecure functional, ports, protocols, and/or services as defined in the PPSM CAL and vulnerability assessments.
Verify that "Enable Management ACL" is checked.

If no PPSM CAL or vulnerability assessment information is presented on this page or "Enable Management ACL" is not checked, this is a finding.

Check Content Reference

M

Target Key

2931

Comments