Compliance Guardian must accept FICAM-approved third-party credentials.

An XCCDF Rule

Description

<VulnDiscussion>Access may be denied to legitimate users if FICAM-approved third-party credentials are not accepted. This requirement typically applies to organizational information systems that are accessible to nonfederal government agencies and other partners. This allows federal government-relying parties to trust such credentials at their approved assurance levels. Third-party credentials are those credentials issued by nonfederal government entities approved by the Federal Identity, Credential, and Access Management (FICAM) Trust Framework Solutions initiative.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-256846r890148_rule
Severity: Medium
References: CCI-002011
Updated: about 1 year ago

Configure Compliance Guardian to use ADFS Integration.
- Log on to Compliance Guardian with admin account.
- On the Control Panel page in the General Security section, click "Authentication Manager".
- Click "ADFS Integration" to open ADFS Integration Configuration Wizard page and complete the configuration.
- Click "Enable link" of the ADFS Integration row to enable ADFS Integration.
- Back on the Control Panel page in the Account section, click "Users". - Navigate to "Add User" page.
- Select ADFS Claim from the drop-down list in the "User Type" field.
- Select the Claim Name and input the Claim Value in the "How Would You Like To Retrieve User Information" field.
- Save the settings.

Compliance Guardian must accept FICAM-approved third-party credentials.

Description

Remediation - Manual Procedure