STIGQter STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018:

The Bromium Enterprise Controller (BEC) must protect the BEC Web Console from unauthorized access.

DISA Rule

SV-95135r1_rule

Vulnerability Number

V-80431

Group Title

SRG-APP-000121

Rule Version

BROM-00-000245

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure BEC Web console access to permit only authorized users.

1. From the BEC console, click on "Settings".
2. Select "Users".
3. Click User Options >> Add User.
4. Add new user and their Active Directory details, and assign new user to a Group using the drop-down list.

Check Contents

Obtain a list of authorized BEC Web console users from the site representative. Verify only these users are configured for access.

1. From the BEC console, click on "Settings".
2. View the list of Users.

If unauthorized users are listed in the BEC Web console, this is a finding.

Vulnerability Number

V-80431

Documentable

False

Rule Version

BROM-00-000245

Severity Override Guidance

Obtain a list of authorized BEC Web console users from the site representative. Verify only these users are configured for access.

1. From the BEC console, click on "Settings".
2. View the list of Users.

If unauthorized users are listed in the BEC Web console, this is a finding.

Check Content Reference

M

Target Key

3375

Comments