F5BI-DM-000269 - The BIG-IP appliance must be configured to employ automated mechanisms to centrally manage authentication settings.
Information
The use of authentication servers or other centralized management servers for providing centralized authentication services is required for network device management. Maintaining local administrator accounts for daily usage on each network device without centralized management is not scalable or feasible. Without centralized management, it is likely that credentials for some network devices will be forgotten, leading to delays in administration, which itself leads to delays in remediating production problems and in addressing compromises in a timely fashion.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Configure the BIG-IP appliance to use an approved remote authentication server to employ automated mechanisms to centrally manage authentication settings.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_F5_BIG-IP_11-x_Y20M10_STIG.zip
Item Details
Audit Name: DISA F5 BIG-IP Device Management 11.x STIG v2r1
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6(1), 800-53|CM-6b., CAT|II, CCI|CCI-000366, CCI|CCI-000370, Rule-ID|SV-217420r557520_rule, STIG-ID|F5BI-DM-000269, STIG-Legacy|SV-74657, STIG-Legacy|V-60227, Vuln-ID|V-217420
Plugin: F5
Control ID: fe10f560c14801b19c1e7d547adf14272085589e89d70f3e588b88b974b568fb