II - Mission Support Public
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000371-NDM-000296
<GroupDescription></GroupDescription>Group -
Symantec ProxySG must compare internal information system clocks at least every 24 hours with an authoritative time server.
<VulnDiscussion>Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the cor...Rule Medium Severity -
SRG-APP-000373-NDM-000298
<GroupDescription></GroupDescription>Group -
Symantec ProxySG must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources.
<VulnDiscussion>The loss of connectivity to a particular authoritative time source will result in the loss of time synchronization (free-run ...Rule Medium Severity -
SRG-APP-000122-NDM-000239
<GroupDescription></GroupDescription>Group -
Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized modification.
<VulnDiscussion>Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, pro...Rule Medium Severity -
SRG-APP-000121-NDM-000238
<GroupDescription></GroupDescription>Group -
Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized access.
<VulnDiscussion>Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, pro...Rule Medium Severity -
SRG-APP-000125-NDM-000241
<GroupDescription></GroupDescription>Group -
Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited.
<VulnDiscussion>Protection of log data includes assuring log data is not accidentally lost or deleted. Regularly backing up audit records to ...Rule Medium Severity -
SRG-APP-000516-NDM-000338
<GroupDescription></GroupDescription>Group -
Symantec ProxySG must employ automated mechanisms to centrally verify authentication settings.
<VulnDiscussion>The use of authentication servers or other centralized management servers for providing centralized authentication services i...Rule Medium Severity -
SRG-APP-000516-NDM-000336
<GroupDescription></GroupDescription>Group -
Accounts for device management must be configured on the authentication server and not on Symantec ProxySG itself, except for the account of last resort.
<VulnDiscussion>Centralized management of authentication settings increases the security of remote and nonlocal access methods. This control ...Rule Medium Severity -
SRG-APP-000329-NDM-000287
<GroupDescription></GroupDescription>Group -
Symantec ProxySG must use Role-Based Access Control (RBAC) to assign privileges to users for access to files and functions.
<VulnDiscussion>Organizations can create specific roles based on job functions and the authorizations (i.e., privileges) to perform needed op...Rule Medium Severity -
SRG-APP-000516-NDM-000337
<GroupDescription></GroupDescription>Group -
Symantec ProxySG must employ automated mechanisms to centrally apply authentication settings.
<VulnDiscussion>The use of authentication servers or other centralized management servers for providing centralized authentication services i...Rule Medium Severity -
SRG-APP-000516-NDM-000340
<GroupDescription></GroupDescription>Group -
Symantec ProxySG must support organizational requirements to conduct backups of system level information contained in the ProxySG when changes occur or weekly, whichever is sooner.
<VulnDiscussion>System-level information includes default and customized settings and security attributes, including ACLs that relate to the ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.