The TippingPoint SMS, TPS, and SMS client must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device.
An XCCDF Rule
Description
<VulnDiscussion>Display of the DoD-approved use notification before granting access to the network device ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. System use notifications are required only for access via logon interfaces with human users. Configure banner messages to display security notices on the SMS client toolbar or when a user attempts to log in to the following interfaces: SMS client, SMS web management console, CLI, or remote SSH client. When configured, the notice and Consent Banner on the screen until the administrator acknowledges the usage conditions and takes explicit actions to log on for further access, as required by CCI-000050. Satisfies: SRG-APP-000068-NDM-000215, SRG-APP-000069-NDM-000216</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-242235r960843_rule
- Severity
- Low
- References
- Updated
Remediation - Manual Procedure
Configure banner message to display on the SMS client toolbar or when a user attempts to log in to the following interfaces: SMS client, SMS web management console, CLI, or remote SSH client.
1. Select Edit >> Preferences >> Banner Message.
2. Check "Enable Banner Message".
3. Add the exactly worded and formatted DoD-approved banner as presented in accordance with DTM-08-060.
4. Check all the boxes under the banner to display on check display on client toolbar, client login, web login, console/CLI, and remote/SSH login.