STIGQter STIGQter: STIG Summary:

Citrix Virtual Apps and Desktop 7.x License Server Security Technical Implementation Guide

Version: 1

Release: 1 Benchmark Date: 28 Jan 2021

SV-234222r628795_ruleCitrix License Server must implement DoD-approved encryption to protect the confidentiality of remote access sessions.
SV-234223r628795_ruleCitrix License Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.
SV-234224r628795_ruleCitrix License Server must protect the authenticity of communications sessions.
SV-234225r628795_ruleCitrix License Server must prohibit the use of cached authenticators after an organization-defined time period.
SV-234226r628795_ruleCitrix License Server must protect the confidentiality and integrity of transmitted information.
SV-234227r628795_ruleCitrix License Server must implement cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by alternative physical safeguards, such as, at a minimum, a Protected Distribution Systems (PDS).
SV-234228r628795_ruleCitrix License Server must maintain the confidentiality and integrity of information during reception.