STIGQter: STIG Summary: Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020: STIGQter: STIG Summary: Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:SV-95525r1_rule
V-80815
SRG-APP-000142-AAA-000010
SRG-APP-000142-AAA-000010
CAT I
10
Configure AAA Services to use secure protocols when connecting to directory services. The use of LDAP over TLS (LDAPS) is the most common method to secure the directory services or user database traffic. However, proprietary or other protocols may be used in some configurations. Each protocol egressing the local enclave must be implemented in accordance with its PPSM CAL.
If AAA Services do not connect to a directory services or other identity provider, but instead perform user and device account management as part of their functionality, this is not applicable.
Review the AAA Services configuration when connecting to directory services or another identity provider. Verify the connection is configured to use secure protocols for transport between AAA Services and the directory services using mutual authentication. The use of LDAP over TLS (LDAPS) is the most common method to secure the directory services or user database traffic. Each protocol egressing the local enclave must be implemented in accordance with its PPSM CAL.
If AAA Services do not use secure protocols when connecting to directory services, this is a finding. If the protocols are not implemented in accordance with the PPSM CAL, this is a finding.
V-80815
False
SRG-APP-000142-AAA-000010
If AAA Services do not connect to a directory services or other identity provider, but instead perform user and device account management as part of their functionality, this is not applicable.
Review the AAA Services configuration when connecting to directory services or another identity provider. Verify the connection is configured to use secure protocols for transport between AAA Services and the directory services using mutual authentication. The use of LDAP over TLS (LDAPS) is the most common method to secure the directory services or user database traffic. Each protocol egressing the local enclave must be implemented in accordance with its PPSM CAL.
If AAA Services do not use secure protocols when connecting to directory services, this is a finding. If the protocols are not implemented in accordance with the PPSM CAL, this is a finding.
M
3357