If Symantec ProxySG filters externally initiated traffic, reverse proxy services must be configured.
An XCCDF Rule
Description
<VulnDiscussion>Automated monitoring of remote access traffic allows organizations to detect cyber attacks and also ensure ongoing compliance with remote access policies by inspecting connection activities of remote access capabilities. Remote access methods include both unencrypted and encrypted traffic (e.g., web portals, web content filter, TLS, and webmail). With inbound TLS inspection, the traffic must be inspected prior to being allowed on the enclave's web servers hosting TLS or HTTPS applications.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-104171r1_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the ProxySG to monitor and control inbound traffic by configuring reverse proxy services. This provides SSL proxy in reverse proxy mode.
1. Log on to the Web Management Console.
2. Click Configuration >> Services >> Proxy Services.
3. Click "New Service".
4. Enter information into the various service boxes in accordance with site architecture, operational requirements, and SSP requirements for which web servers are to be monitored and controlled.