Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Riverbed NetProfiler Security Technical Implementation Guide
SRG-APP-000153-NDM-000249
The Riverbed NetProfiler must be configured to authenticate each administrator prior to authorizing privileges based on roles.
The Riverbed NetProfiler must be configured to authenticate each administrator prior to authorizing privileges based on roles.
An XCCDF Rule
Details
Profiles
Prose
The Riverbed NetProfiler must be configured to authenticate each administrator prior to authorizing privileges based on roles.
High Severity
<VulnDiscussion>The lack of role-based access control could result in the immediate compromise of and unauthorized access to sensitive information. Additionally, without mapping the PKI certificate to a unique user account, the ability to determine the identities of individuals or assert nonrepudiation is lost. Individual accountability mandates that each administrator is uniquely identified. For public key infrastructure (PKI)-based authentication, the device must be configured to map validated certificates to unique user accounts. This requirement applies to accounts or roles created and managed on or by the network device. Satisfies: SRG-APP-000153-NDM-000249, SRG-APP-000119-NDM-000236, SRG-APP-000120-NDM-000237, SRG-APP-000121-NDM-000238, SRG-APP-000122-NDM-000239, SRG-APP-000123-NDM-000240, SRG-APP-000329-NDM-000287, SRG-APP-000177-NDM-000263, SRG-APP-000033-NDM-000212</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>