Riverbed Optimization System (RiOS) must obtain its public key certificates from an appropriate certificate policy through an approved service provider.

An XCCDF Rule

Description

<VulnDiscussion>For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure cross-certified with the Federal Bridge Certification Authority at medium assurance or higher, this Certification Authority will suffice.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-77477r1_rule
Severity: Medium
References: CCI-000366 CCI-001159
Updated: about 1 year ago

Configure RiOS to use public key certificates from an appropriate certificate policy through an approved service provider.

Navigate to the device Management Console
Navigate to Configure >> Optimization >> Certificate Authorities
Click "Add a New Certificate Authority"
Select "Local File" and "Browse"Navigate to your local DoD CA Root Certificates and select a certificate
Click "Add"
Repeat Click "Add a New Certificate Authority" down to Click "Add" for each DoD Root Certificate

Navigate to the top of the web page and click "Save" to save these settings permanently

Riverbed Optimization System (RiOS) must obtain its public key certificates from an appropriate certificate policy through an approved service provider.

Description

Remediation - Manual Procedure