Skip to content

I - Mission Critical Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000516-NDM-000317

    <GroupDescription></GroupDescription>
    Group
  • The BIG-IP appliance must be configured to employ automated mechanisms to assist in the tracking of security incidents.

    &lt;VulnDiscussion&gt;Despite the investment in perimeter defense technologies, enclaves are still faced with detecting, analyzing, and remediating...
    Rule Medium Severity
  • SRG-APP-000435-NDM-000315

    <GroupDescription></GroupDescription>
    Group
  • If the BIG-IP appliance is being used to authenticate users for web applications, the HTTPOnly flag must be set.

    &lt;VulnDiscussion&gt;The HttpOnly attribute directs browsers to use cookies by way of the HTTP and HTTPS protocols only, ensuring that the cookie ...
    Rule Low Severity
  • SRG-APP-000435-NDM-000315

    <GroupDescription></GroupDescription>
    Group
  • The F5 BIG-IP appliance must be configured to restrict a consistent inbound IP for the entire management session.

    &lt;VulnDiscussion&gt;This security measure helps limit the effects of denial-of-service attacks by employing anti-session hijacking security safeg...
    Rule Medium Severity
  • SRG-APP-000068-NDM-000215

    <GroupDescription></GroupDescription>
    Group
  • The F5 BIG-IP appliance providing user access control intermediary services must display the Standard Mandatory DOD-approved Notice and Consent Banner before granting access to SSH.

    &lt;VulnDiscussion&gt;Display of the DOD-approved use notification before granting access to the network device ensures privacy and security notifi...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules