Documentation - V-266150

V-266150

F5 BIG-IP TMOS ALG Security Technical Implementation Guide

CAT I

Title

The F5 BIG-IP appliance must be configured to prohibit or restrict the use of unnecessary or prohibited functions, ports, protocols, and/or services, including those defined in the PPSM CAL and vulnerability assessments.

Description

<VulnDiscussion>To prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types), organizations must disable or restrict unused or unnecessary physical and logical ports/protocols on information systems. ALGs are capable of providing a wide variety of functions and services. Some of the functions and services provided by default may not be necessary to support essential organizational operations. DOD...

Fix Text (Documentation Requirement)

Check the PPSM CAL and the site's System Security Plan/documentation for a list of prohibited ports, protocols, and services. From the BIG-IP GUI: 1. Local Traffic. 2. Virtual Servers. 3. For any virtual server(s) listening on all unnecessary and/or nonsecure functions, ports, protocols, and/or services, check the box next to the virtual server and click "Delete". 4. Click "Delete" again.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel