F5 BIG-IP Device Management Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The BIG-IP appliance must be configured to allow the use of a temporary password for system logons with an immediate change to a permanent password.
<VulnDiscussion>Without providing this capability, an account may be created without a password. Non-repudiation cannot be guaranteed once an...Rule Medium Severity -
SRG-APP-000516-NDM-000317
<GroupDescription></GroupDescription>Group -
The BIG-IP appliance must be configured to notify the administrator of the number of successful logon attempts occurring during an organization-defined time period.
<VulnDiscussion>Administrators need to be aware of activity that occurs regarding their network device management account. Providing administ...Rule Low Severity -
SRG-APP-000516-NDM-000317
<GroupDescription></GroupDescription>Group -
The BIG-IP appliance must be configured to use automated mechanisms to alert security personnel to threats identified by authoritative sources (e.g., CTOs) and IAW with CJCSM 6510.01B.
<VulnDiscussion>By immediately displaying an alarm message, potential security violations can be identified more quickly even when administra...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.