DISA Symantec ProxySG Benchmark NDM v1r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA Symantec ProxySG Benchmark NDM v1r1

Updated: 1/20/2021

Authority: DISA STIG

Plugin: BlueCoat

Revision: 1.3

Estimated Item Count: 58

File Details

Filename: DISA_STIG_Symantec_ProxySG_NDM_v1r1.audit

Size: 132 kB

MD5: c9be7047a478f10d5ec0f47211a97752

SHA256: ee319a991875f1c465cc36875b498a89d3227b728c1e05dc096f26a33f8dc5fb

Audit Items

Description	Categories
SYMP-NM-000010 - Symantec ProxySG must be configured with only one local account that is used as the account of last resort.	CONFIGURATION MANAGEMENT
SYMP-NM-000020 - Symantec ProxySG must be configured to enforce user authorization to implement least privilege.	CONFIGURATION MANAGEMENT
SYMP-NM-000030 - Symantec ProxySG must configure Web Management Console access restrictions to authorized IP address/ranges.	CONFIGURATION MANAGEMENT
SYMP-NM-000040 - Symantec ProxySG must be configured to enforce assigned privilege levels for approved administrators when accessing the management console, SSH, and the command line interface (CLI).	CONFIGURATION MANAGEMENT
SYMP-NM-000050 - Symantec ProxySG must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. - Lockout duration	ACCESS CONTROL
SYMP-NM-000050 - Symantec ProxySG must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. - max-failed-attempts	ACCESS CONTROL
SYMP-NM-000050 - Symantec ProxySG must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. - Reset interval	ACCESS CONTROL
SYMP-NM-000060 - Symantec ProxySG must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device.
SYMP-NM-000070 - Symantec ProxySG must enable event access logging.	AUDIT AND ACCOUNTABILITY
SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log. - enable	AUDIT AND ACCOUNTABILITY
SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log. - Syslog IP	AUDIT AND ACCOUNTABILITY
SYMP-NM-000090 - Symantec ProxySG must generate an alert to the console when a log processing failure is detected such as loss of communications with the Central Log Server or log records are no longer being sent.	AUDIT AND ACCOUNTABILITY
SYMP-NM-000090 - Symantec ProxySG must generate an alert to the console when a log processing failure is detected such as loss of communications with the Central Log Server or log records are no longer being sent. - email addresses	AUDIT AND ACCOUNTABILITY
SYMP-NM-000100 - Symantec ProxySG must compare internal information system clocks at least every 24 hours with an authoritative time server. - Interval	AUDIT AND ACCOUNTABILITY
SYMP-NM-000100 - Symantec ProxySG must compare internal information system clocks at least every 24 hours with an authoritative time server. - NTP Server	AUDIT AND ACCOUNTABILITY
SYMP-NM-000110 - Symantec ProxySG must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources.	AUDIT AND ACCOUNTABILITY
SYMP-NM-000120 - Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized modification.	CONFIGURATION MANAGEMENT
SYMP-NM-000130 - Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized access.	CONFIGURATION MANAGEMENT
SYMP-NM-000140 - Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited. - Syslog Enabled	AUDIT AND ACCOUNTABILITY
SYMP-NM-000140 - Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited. - Syslog IP	AUDIT AND ACCOUNTABILITY
SYMP-NM-000150 - Symantec ProxySG must employ automated mechanisms to centrally verify authentication settings. - Policy Review	CONFIGURATION MANAGEMENT
SYMP-NM-000150 - Symantec ProxySG must employ automated mechanisms to centrally verify authentication settings. Radius Realm Exists	CONFIGURATION MANAGEMENT
SYMP-NM-000160 - Accounts for device management must be configured on the authentication server and not on Symantec ProxySG itself, except for the account of last resort.	CONFIGURATION MANAGEMENT
SYMP-NM-000170 - Symantec ProxySG must use Role-Based Access Control (RBAC) to assign privileges to users for access to files and functions.	CONFIGURATION MANAGEMENT
SYMP-NM-000180 - Symantec ProxySG must employ automated mechanisms to centrally apply authentication settings. - Policy Review	CONFIGURATION MANAGEMENT
SYMP-NM-000180 - Symantec ProxySG must employ automated mechanisms to centrally apply authentication settings. Radius Realm Exists	CONFIGURATION MANAGEMENT
SYMP-NM-000190 - Symantec ProxySG must support organizational requirements to conduct backups of system level information contained in the ProxySG when changes occur or weekly, whichever is sooner. - Path	CONTINGENCY PLANNING
SYMP-NM-000190 - Symantec ProxySG must support organizational requirements to conduct backups of system level information contained in the ProxySG when changes occur or weekly, whichever is sooner. - Username	CONTINGENCY PLANNING
SYMP-NM-000190 - Symantec ProxySG must support organizational requirements to conduct backups of system level information contained in the ProxySG when changes occur or weekly, whichever is sooner. -Host	CONTINGENCY PLANNING
SYMP-NM-000200 - Symantec ProxySG must obtain its public key certificates from an appropriate certificate policy through an approved service provider.
SYMP-NM-000200 - Symantec ProxySG must obtain its public key certificates from an appropriate certificate policy through an approved service provider.- Keyring Name	SYSTEM AND COMMUNICATIONS PROTECTION
SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - Cloud Services	SYSTEM AND INFORMATION INTEGRITY
SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - CPU Utilization	SYSTEM AND INFORMATION INTEGRITY
SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - ICAP Deferred	SYSTEM AND INFORMATION INTEGRITY
SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - ICAP queued	SYSTEM AND INFORMATION INTEGRITY
SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - Memory Utilization	SYSTEM AND INFORMATION INTEGRITY
SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - NW 0:0 Utilization	SYSTEM AND INFORMATION INTEGRITY
SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - NW 1:0 Utilization	SYSTEM AND INFORMATION INTEGRITY
SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - NW 2:0 Utilization	SYSTEM AND INFORMATION INTEGRITY
SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - NW 2:1 Utilization	SYSTEM AND INFORMATION INTEGRITY
SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component. - Thresholds	SYSTEM AND INFORMATION INTEGRITY
SYMP-NM-000220 - Symantec ProxySG must use only approved management services protocols.	CONFIGURATION MANAGEMENT
SYMP-NM-000230 - Symantec ProxySG must implement HTTPS-console to provide replay-resistant authentication mechanisms for network access to privileged accounts.- HTTP Console Not Enabled	CONFIGURATION MANAGEMENT
SYMP-NM-000230 - Symantec ProxySG must implement HTTPS-console to provide replay-resistant authentication mechanisms for network access to privileged accounts.- HTTPS Console Enabled	CONFIGURATION MANAGEMENT
SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used.- SNMPv1 Disabled	CONFIGURATION MANAGEMENT
SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used.- SNMPv2 Disabled	CONFIGURATION MANAGEMENT
SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used.- SNMPv3 Enabled	CONFIGURATION MANAGEMENT
SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used.- SNMPv3 User Exists	CONFIGURATION MANAGEMENT
SYMP-NM-000250 - Symantec ProxySG must be configured to enforce a minimum 15-character password length for local accounts.	IDENTIFICATION AND AUTHENTICATION
SYMP-NM-000260 - Symantec ProxySG must transmit only encrypted representations of passwords. - HTTP-Console Disabled	CONFIGURATION MANAGEMENT

Detections

Analytics

DISA Symantec ProxySG Benchmark NDM v1r1

Warning! Audit Deprecated

Audit Details

File Details

Audit Items