A10 Networks ADC ALG Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The A10 Networks ADC, when used to load balance web applications, must examine incoming user requests against the URI White Lists.
Unrestricted traffic may contain malicious traffic, which poses a threat to an enclave or to other connected networks. Additionally, unrestricted traffic may transit a network, which uses bandwidth...Rule Medium Severity -
The A10 Networks ADC must enable logging of Denial of Service (DoS) attacks.
Without an alert, security personnel may be unaware of major detection incidents that require immediate action, and this delay may result in the loss or compromise of information. CJCSM 6510.01B, "...Rule Medium Severity -
The A10 Networks ADC must reveal error messages only to authorized individuals (ISSO, ISSM, and SA).
Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state or can give configuration details about the...Rule Medium Severity -
The A10 Networks ADC, when used for load balancing web servers, must deploy the WAF in active mode.
The Web Application Firewall (WAF) supports three operational modes - Learning, Passive, and Active. Active is the standard operational mode and must be used in order to drop or sanitize traffic. L...Rule Medium Severity -
If the Data Owner requires it, the A10 Networks ADC must be configured to perform CCN Mask, SSN Mask, and PCRE Mask Request checks.
If outbound communications traffic is not continuously monitored, hostile activity may not be detected and prevented. Output from application and traffic monitoring serves as input to continuous mo...Rule Medium Severity -
The A10 Networks ADC must protect against TCP SYN floods by using TCP SYN Cookies.
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target in an attempt to consume resources, making the device unresponsive to legitimat...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.