STIGQter STIGQter: STIG Summary: Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 25 Oct 2019:

Riverbed Optimization System (RiOS) performing maintenance functions must restrict use of these functions to authorized personnel only.

DISA Rule

SV-77469r1_rule

Vulnerability Number

V-62979

Group Title

SRG-APP-000408-NDM-000314

Rule Version

RICX-DM-000133

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure RiOS to restrict use of maintenance functions to authorized personnel only.

Navigate to the device Management Console
Navigate to Configure >> Security >> User Permissions
Click "Add New User Account" under "Role Based Accounts"
Set User Permissions of authorized personnel to allow performance of maintenance functions
Click "Add"

Navigate to the top of the web page and click "Save" to save these settings permanently

Check Contents

Verify that RiOS is configured so that performing maintenance functions is restricted to authorized personnel only.

Navigate to the device Management Console
Navigate to Configure >> Security >> User Permissions

Verify that only authorized personnel have the permissions to perform maintenance functions

If user permissions for authorized personnel are not set to authorize maintenance functions, this is a finding.

Vulnerability Number

V-62979

Documentable

False

Rule Version

RICX-DM-000133

Severity Override Guidance

Verify that RiOS is configured so that performing maintenance functions is restricted to authorized personnel only.

Navigate to the device Management Console
Navigate to Configure >> Security >> User Permissions

Verify that only authorized personnel have the permissions to perform maintenance functions

If user permissions for authorized personnel are not set to authorize maintenance functions, this is a finding.

Check Content Reference

M

Target Key

2931

Comments