STIGQter: STIG Summary: A10 Networks ADC NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 15 Apr 2016:

The A10 Networks ADC must terminate management sessions after 10 minutes of inactivity except to fulfill documented and validated mission requirements.

DISA Rule

SV-82547r1_rule

Vulnerability Number

V-68057

Group Title

SRG-APP-000190-NDM-000267

Rule Version

AADC-NM-000070

Severity

CAT I

CCI(s)

• CCI-001133 - The information system terminates the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.

Weight

10

Fix Recommendation

The following command sets the terminal idle timeout to 10 minutes:
terminal idle-timeout 10

The following command sets the Web GUI timeout to 10 minutes:
web-service timeout-policy idle 10

Note: 10 minutes is the default setting.

Check Contents

Review the device configuration.

The following command shows the terminal settings:
show terminal

If the idle-timeout is greater than 10 minutes or is set to zero (no timeout), this is a finding.

The following command shows the web management (GUI) settings:
show web-service

If the idle time is greater than 10 minutes or is set to zero (no timeout), this is a finding.

Vulnerability Number

V-68057

Documentable

False

Rule Version

AADC-NM-000070

Severity Override Guidance

Review the device configuration.

The following command shows the terminal settings:
show terminal

If the idle-timeout is greater than 10 minutes or is set to zero (no timeout), this is a finding.

The following command shows the web management (GUI) settings:
show web-service

If the idle time is greater than 10 minutes or is set to zero (no timeout), this is a finding.

Check Content Reference

M

Target Key

2915

Comments