| SYMP-NM-000010 - Symantec ProxySG must be configured with only one local account that is used as the account of last resort. | ACCESS CONTROL |
| SYMP-NM-000020 - Symantec ProxySG must be configured to enforce user authorization to implement least privilege. | ACCESS CONTROL |
| SYMP-NM-000030 - Symantec ProxySG must configure Web Management Console access restrictions to authorized IP address/ranges. | ACCESS CONTROL |
| SYMP-NM-000040 - Symantec ProxySG must be configured to enforce assigned privilege levels for approved administrators when accessing the management console, SSH, and the command line interface (CLI). | ACCESS CONTROL |
| SYMP-NM-000050 - Symantec ProxySG must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period - Lockout duration | ACCESS CONTROL |
| SYMP-NM-000050 - Symantec ProxySG must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period - max-failed-attempts | ACCESS CONTROL |
| SYMP-NM-000050 - Symantec ProxySG must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period - Reset interval | ACCESS CONTROL |
| SYMP-NM-000060 - Symantec ProxySG must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device. | ACCESS CONTROL |
| SYMP-NM-000070 - Symantec ProxySG must enable event access logging. | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - enable | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - Syslog IP | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000090 - Symantec ProxySG must generate an alert to the console when a log processing failure is detected such as loss of communications with the Central Log Server or log records are no longer being sent - email addresses | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000090 - Symantec ProxySG must generate an alert to the console when a log processing failure is detected such as loss of communications with the Central Log Server or log records are no longer being sent. | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000100 - Symantec ProxySG must compare internal information system clocks at least every 24 hours with an authoritative time server - Interval | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000100 - Symantec ProxySG must compare internal information system clocks at least every 24 hours with an authoritative time server - NTP Server | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000110 - Symantec ProxySG must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources. | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SYMP-NM-000120 - Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized modification. | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000130 - Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized access. | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000140 - Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited - Syslog Enabled | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000140 - Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited - Syslog IP | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000150 - Symantec ProxySG must employ automated mechanisms to centrally verify authentication settings - Policy Review | CONFIGURATION MANAGEMENT |
| SYMP-NM-000150 - Symantec ProxySG must employ automated mechanisms to centrally verify authentication settings. | CONFIGURATION MANAGEMENT |
| SYMP-NM-000160 - Accounts for device management must be configured on the authentication server and not on Symantec ProxySG itself, except for the account of last resort. | CONFIGURATION MANAGEMENT |
| SYMP-NM-000170 - Symantec ProxySG must use Role-Based Access Control (RBAC) to assign privileges to users for access to files and functions. | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SYMP-NM-000180 - Symantec ProxySG must employ automated mechanisms to centrally apply authentication settings - Policy Review | CONFIGURATION MANAGEMENT |
| SYMP-NM-000180 - Symantec ProxySG must employ automated mechanisms to centrally apply authentication settings. | CONFIGURATION MANAGEMENT |
| SYMP-NM-000190 - Symantec ProxySG must support organizational requirements to conduct backups of system level information contained in the ProxySG when changes occur or weekly, whichever is sooner - Path | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| SYMP-NM-000190 - Symantec ProxySG must support organizational requirements to conduct backups of system level information contained in the ProxySG when changes occur or weekly, whichever is sooner - Username | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| SYMP-NM-000190 - Symantec ProxySG must support organizational requirements to conduct backups of system level information contained in the ProxySG when changes occur or weekly, whichever is sooner. | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| SYMP-NM-000200 - Symantec ProxySG must obtain its public key certificates from an appropriate certificate policy through an approved service provider. | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-NM-000200 - Symantec ProxySG must obtain its public key certificates from an appropriate certificate policy through an approved service provider. - attribute keyring | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component - Cloud Services | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component - CPU Utilization | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component - ICAP Deferred | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component - ICAP queued | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component - Memory Utilization | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component - NW 0:0 Utilization | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component - NW 1:0 Utilization | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component - NW 2:0 Utilization | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component - NW 2:1 Utilization | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000210 - Symantec ProxySG must configure the maintenance and health monitoring to send an alarm when a critical condition occurs for a component - Thresholds | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000220 - Symantec ProxySG must use only approved management services protocols. | CONFIGURATION MANAGEMENT |
| SYMP-NM-000230 - Symantec ProxySG must implement HTTPS-console to provide replay-resistant authentication mechanisms for network access to privileged accounts. - HTTP-Console | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000230 - Symantec ProxySG must implement HTTPS-console to provide replay-resistant authentication mechanisms for network access to privileged accounts. - HTTPS-Console | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. - snmpv1 | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. - snmpv2c | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. - snmpv3 | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000250 - Symantec ProxySG must be configured to enforce a minimum 15-character password length for local accounts. | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000260 - Symantec ProxySG must transmit only encrypted representations of passwords - HTTP-Console Disabled | IDENTIFICATION AND AUTHENTICATION |
