HYCU Protege Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The HYCU virtual appliance must off-load audit records onto a different system or media than the system being audited.

    Information system backup is a critical step in maintaining data assurance and availability. Information system and security-related documentation contains information pertaining to system configur...
    Rule Medium Severity
  • SRG-APP-000360-NDM-000295

    Group
  • SRG-APP-000120-NDM-000237

    Group
  • SRG-APP-000121-NDM-000238

    Group
  • The HYCU virtual appliance must protect audit tools from unauthorized access, modification, and deletion.

    Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on au...
    Rule Medium Severity
  • SRG-APP-000516-NDM-000351

    Group
  • The HYCU virtual appliance must be running a release that is currently supported by the vendor.

    Network devices running an unsupported operating system lack current security fixes required to mitigate the risks associated with recent vulnerabilities.
    Rule High Severity
  • SRG-APP-000516-NDM-000344

    Group
  • SRG-APP-000142-NDM-000245

    Group
  • SRG-APP-000156-NDM-000250

    Group
  • The HYCU virtual appliance must implement replay-resistant authentication mechanisms for network access to privileged accounts.

    A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authenticator and the application validating the user credentials must not be ...
    Rule Medium Severity
  • SRG-APP-000166-NDM-000254

    Group
  • SRG-APP-000167-NDM-000255

    Group
  • The HYCU virtual appliance must enforce password complexity by requiring that at least one lowercase character be used.

    Use of complex passwords helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisti...
    Rule Medium Severity
  • SRG-APP-000168-NDM-000256

    Group
  • SRG-APP-000169-NDM-000257

    Group
  • The HYCU virtual appliance must enforce password complexity by requiring that at least one special character be used.

    Use of complex passwords helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisti...
    Rule Medium Severity
  • SRG-APP-000164-NDM-000252

    Group
  • The HYCU virtual appliance must enforce a minimum 15-character password length.

    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to d...
    Rule Medium Severity
  • SRG-APP-000170-NDM-000329

    Group
  • SRG-APP-000179-NDM-000265

    Group
  • SRG-APP-000411-NDM-000330

    Group
  • SRG-APP-000412-NDM-000331

    Group
  • The HYCU virtual appliance must be configured to implement cryptographic mechanisms using a FIPS 140-2-approved algorithm to protect the confidentiality of remote maintenance sessions.

    This requires the use of secure protocols instead of their unsecured counterparts, such as SSH instead of telnet, SCP instead of FTP, and HTTPS instead of HTTP. If unsecured protocols (lacking cryp...
    Rule High Severity
  • SRG-APP-000148-NDM-000346

    Group
  • The HYCU virtual appliance must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.

    Authentication for administrative (privileged level) access to the device is required at all times. An account can be created on the device's local database for use when the authentication server i...
    Rule Medium Severity
  • SRG-APP-000381-NDM-000305

    Group
  • SRG-APP-000131-NDM-000243

    Group
  • SRG-APP-000457-NDM-000352

    Group
  • SRG-APP-000190-NDM-000267

    Group
  • The HYCU virtual appliance must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.

    Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port th...
    Rule High Severity
  • SRG-APP-000224-NDM-000270

    Group
  • SRG-APP-000516-NDM-000350

    Group
  • The HYCU virtual appliance must be configured to synchronize internal information system clocks using redundant authoritative time sources.

    The loss of connectivity to a particular authoritative time source will result in the loss of time synchronization (free-run mode) and increasingly inaccurate time stamps on audit events and other ...
    Rule Medium Severity
  • The HYCU virtual appliance must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type.

    Device management includes the ability to control the number of administrators and management sessions that manage a device. Limiting the number of allowed administrators and sessions per administr...
    Rule Medium Severity
  • If the HYCU virtual appliance uses role-based access control, it must enforce organization-defined role-based access control policies over defined subjects and objects.

    Organizations can create specific roles based on job functions and the authorizations (i.e., privileges) to perform needed operations on organizational information systems associated with the organ...
    Rule Medium Severity
  • The HYCU virtual appliance must audit the execution of privileged functions.

    Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and...
    Rule Medium Severity
  • The HYCU virtual appliance must retain the Standard Mandatory DOD Notice and Consent Banner on the screen until the administrator acknowledges the usage conditions and takes explicit actions to log in for further access.

    The banner must be acknowledged by the administrator prior to the device allowing the administrator access to the network device. This provides assurance that the administrator has seen the message...
    Rule Medium Severity
  • The HYCU virtual appliance must automatically audit account modification.

    Since the accounts in the network device are privileged or system-level accounts, account management is vital to the security of the network device. Account management by a designated authority ens...
    Rule Medium Severity
  • The HYCU virtual appliance must be configured to use at least two authentication servers for authenticating users prior to granting administration access.

    Centralized management of authentication settings increases the security of remote and nonlocal access methods. This control is particularly important protection against the insider threat. With ro...
    Rule High Severity
  • The HYCU virtual appliance must generate audit records when successful/unsuccessful attempts to access privileges occur.

    Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
    Rule Medium Severity
  • The HYCU virtual appliance must generate audit records when successful/unsuccessful attempts to delete administrator privileges occur.

    Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
    Rule Medium Severity
  • The HYCU virtual appliance must generate audit records for privileged activities or other system-level access.

    Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
    Rule Medium Severity
  • The HYCU virtual appliance must generate log records for a locally developed list of auditable events.

    Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
    Rule Medium Severity
  • The HYCU virtual appliance must produce audit records containing information to establish when events occurred, where events occurred, the source of the event, the outcome of the event, and identity of any individual or process associated with the event.

    It is essential for security personnel to know what is being done, what was attempted, where it was done, when it was done, and by whom it was done to compile an accurate risk assessment. Logging t...
    Rule Medium Severity
  • The HYCU virtual appliance must automatically audit account enabling actions.

    It is essential for security personnel to know what is being done, what was attempted, where it was done, when it was done, and by whom it was done to compile an accurate risk assessment. Associati...
    Rule Medium Severity
  • The HYCU virtual appliance must generate an immediate real-time alert of all audit failure events requiring real-time alerts.

    It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impe...
    Rule Medium Severity
  • The HYCU virtual appliance must protect audit information from unauthorized deletion.

    Audit information includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity. If audit data were to become compromis...
    Rule Medium Severity
  • The HYCU virtual appliance must obtain its public key certificates from an appropriate certificate policy through an approved service provider.

    For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure...
    Rule Medium Severity
  • The HYCU virtual appliance must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services.

    To prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types), organizations must disable unused o...
    Rule High Severity
