Ensure 'HTTP session timeout' is set to organizational policy

Information

Sets the timeout for an HTTP session before the security appliance terminates it.

Rationale:

Limiting session timeout prevents unauthorized users from using abandoned sessions to perform malicious activities.

Solution

From the Firepower Management Center:
Step 1. Navigate to Devices > Platform Settings

Step 2. Either edit an existing platform settings policy by clicking the pencil icon beside the policy, or create a new FTD policy by clicking New Policy. Select the type as Firepower Threat Defense.

Step 3. Navigate to the HTTP section; a page appears as shown in the image.

Enable HTTP server: Enable this option to enable the HTTP server on the FTD.

See Also

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/hardening/ftd/FTD_Hardening_Guide_v64.html

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-12

Plugin: Cisco_Firepower

Control ID: 02df0a0000fdbd2aa04d3e7634f494af7707a43ae9e5e13d5b369d249e76c856