STIGQter: STIG Summary: Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 25 Oct 2019:

Riverbed Optimization System (RiOS) must generate unique session identifiers using a FIPS 140-2 approved random number generator.

DISA Rule

SV-77479r1_rule

Vulnerability Number

V-62989

Group Title

SRG-APP-000224-NDM-000270

Rule Version

RICX-DM-000141

Severity

CAT II

CCI(s)

• CCI-001188 - The information system generates unique session identifiers for each session with organization-defined randomness requirements.

Weight

10

Fix Recommendation

Configure RiOS is configured to generate unique session identifiers using a FIPS 140-2 approved random number generator.

Navigate to the device CLI
Type: enable
Type: conf t
Type: fips enable
Type: write memory
Type: reload

Type: show fips status
Verify that "FIPS Mode: Enabled" is displayed on the screen.

Type: exit
Type: exit

Check Contents

Verify that RiOS is configured to generate unique session identifiers using a FIPS 140-2 approved random number generator.

Navigate to the device CLI
Type: enable
Type: conf t
Type: show fips status
Verify that "FIPS Mode: Enabled" is displayed on the console

If "FIPS Mode: Enabled" is not displayed on the console, this is a finding.

Vulnerability Number

V-62989

Documentable

False

Rule Version

RICX-DM-000141

Severity Override Guidance

Verify that RiOS is configured to generate unique session identifiers using a FIPS 140-2 approved random number generator.

Navigate to the device CLI
Type: enable
Type: conf t
Type: show fips status
Verify that "FIPS Mode: Enabled" is displayed on the console

If "FIPS Mode: Enabled" is not displayed on the console, this is a finding.

Check Content Reference

M

Target Key

2931

Comments