STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018:

The Bromium Enterprise Controller (BEC) Update Interval must be set to a maximum of one hour.

DISA Rule

SV-95167r1_rule

Vulnerability Number

V-80463

Group Title

SRG-APP-000390

Rule Version

BROM-00-000905

Severity

CAT II

CCI(s)

• CCI-002039 - The organization requires devices to reauthenticate upon organization-defined circumstances or situations requiring reauthentication.

Weight

10

Fix Recommendation

Configure the Update Internal for the BEC/vSentry client update of event data, remote commands, policy updates, and reauthenication.

1. From the management console, navigate to the "Policies" menu.
2. Select the Base policy.
3. Click the "Manageability" tab.
4. Edit the "Update Interval" parameter to reflect "3600" seconds.
5. Click "Save and Deploy".

Note: A value of 1 hour/3600 seconds is the recommended setting; however, the setting may be changed to a lower interval based on mission needs.

Check Contents

Verify the Update Interval is set to one hour.

1. From the management console, navigate to the "Policies" menu.
2. Select the Base policy.
3. Click the "Manageability" tab.
4. Inspect the "Update Interval" parameter to reflect the desired interval (1 hour/3600 seconds is the maximum).

If the BEC Update Interval is set to more than one hour, this is a finding.

Vulnerability Number

V-80463

Documentable

False

Rule Version

BROM-00-000905

Severity Override Guidance

Verify the Update Interval is set to one hour.

1. From the management console, navigate to the "Policies" menu.
2. Select the Base policy.
3. Click the "Manageability" tab.
4. Inspect the "Update Interval" parameter to reflect the desired interval (1 hour/3600 seconds is the maximum).

If the BEC Update Interval is set to more than one hour, this is a finding.

Check Content Reference

M

Target Key

3375

Comments