Symantec ProxySG NDM Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
Symantec ProxySG must enable Attack Detection.
DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity. Symantec Pro...
Rule, High Severity
Symantec ProxySG must be configured with only one local account that is used as the account of last resort.
Authentication for administrative (privileged level) access to the device is required at all times. An account can be created on the device's local database for use when the authentication server i...
Rule, Medium Severity
Symantec ProxySG must be configured to enforce user authorization to implement least privilege.
To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DoD-approved PKIs, all DoD systems must be properly configured to incorporate ...
Rule, High Severity
Symantec ProxySG must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.
By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced.
Rule, Medium Severity
Symantec ProxySG must enable event access logging.
Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. Audit re...
Rule, Medium Severity
Symantec ProxySG must be configured to support centralized management and configuration of the audit log.
Without the ability to centrally manage the content captured in the audit records, identification, troubleshooting, and correlation of suspicious behavior would be difficult and could lead to a del...
Rule, Medium Severity
Symantec ProxySG must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources.
The loss of connectivity to a particular authoritative time source will result in the loss of time synchronization (free-run mode) and increasingly inaccurate time stamps on audit events and other ...
Rule, Medium Severity
Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized modification.
Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on au...
Rule, Medium Severity
Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized access.
Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on au...
Rule, Medium Severity
Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited.
Protection of log data includes assuring log data is not accidentally lost or deleted. Regularly backing up audit records to a different system or onto separate media than the system being audited ...
Rule, Medium Severity