Detections
Analytics
F5BI-AP-300160 - The F5 BIG-IP must be configured to identify and authenticate all endpoint devices or peers before establishing a connection.
Information
Without identifying and authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
From the BIG-IP GUI:1. Access.
2. Profiles/Policies.
3. Access Profiles.
4. Click "Edit..." in the "Per-Session Policy" column for the Access Profile.
5. Configure the Access Profile to uniquely identify and authenticate network devices.
6. Click "Apply Access Policy".
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_F5_BIG-IP_TMOS_Y25M07_STIG.zip
Item Details
Audit Name: DISA F5 BIG-IP TMOS ALG STIG v1r2
Category: CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION
References: 800-53|CM-6b., 800-53|IA-3, CAT|II, CCI|CCI-000366, CCI|CCI-000778, CCI|CCI-001958, Rule-ID|SV-266171r1024403_rule, STIG-ID|F5BI-AP-300160, Vuln-ID|V-266171
Plugin: F5
Control ID: a05a55d12abb3e147b6f6ef90c9e334ab7d46c25d38902bace45bc78e1a00cd3