Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Symantec ProxySG ALG Security Technical Implementation Guide
SRG-NET-000138-ALG-000063
Symantec ProxySG must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
Symantec ProxySG must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
An XCCDF Rule
Details
Profiles
Prose
Symantec ProxySG must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
High Severity
<VulnDiscussion>To assure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. Organizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following. By default, the ProxySG operates as an un-authenticated proxy. Authentication of users must be explicitly configured as described here and in in the ProxySG Administration Guide, Chapter 49: Controlling Access to the Internet and Intranet.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>