From VMW vRealize Automation 7.x HA Proxy Security Technical Implementation Guide
Part of SRG-APP-000225-WSR-000074
Associated with: CCI-001190
Without maintenance of a baseline of current HAProxy software, monitoring for changes cannot be complete and unauthorized changes to the software can go undetected. Changes to HAProxy could be the result of intentional or unintentional actions.
Have the appliance administrator and/or ISSO provide the HAProxy software baseline procedures, implementation evidence, and a list of files and directories included in the baseline procedure for completeness. If baseline procedures do not exist, not implemented reliably, or are not complete, this is a finding.
Develop, document, and implement baseline procedures that include all HAProxy software files and directories. Update the baseline after new installations, upgrades, or maintenance activities that include changes to the software baseline.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer