From A10 Networks ADC ALG Security Technical Implementation Guide
Part of SRG-NET-000132-ALG-000087
Associated with: CCI-000382
In order to prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types); organizations must disable or restrict unused or unnecessary physical and logical ports/protocols on information systems.
Review the list of authorized applications, endpoints, services, and protocols that have been added to the PPSM database. Review the configured servers, service groups, and virtual servers. The following command shows information for SLB servers: show slb server The following command shows information for service groups (multiple servers): show slb service-group The following command shows information for virtual servers (the services visible to outside hosts): show slb virtual-server If any of the servers, service groups, or virtual servers allows traffic that is prohibited by the PPSM CAL, this is a finding.
Do not configure a server, service group, or virtual server for any port, protocol, or service that is prohibited by the PPSM CAL.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer