From Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide
Part of SRG-APP-000317-NDM-000282
Associated with: CCI-002142
The Monitor and Shark accounts which are default group accounts with shared credentials. Monitor and Shark accounts are not enabled by default, but cannot be deleted since these network tools are designed to look for that account. Monitor is a read-only account for auditor's configuration management. Shark is used to access packet captures. If the credentials for these accounts are changed, the function of the system will not be adversely impacted.
Verify that RiOS is configured to the assigned privilege level for each administrator. Navigate to the device Management Console Navigate to Configure >> Security >> User Permissions Verify the privilege level values for Shark and Monitor If all privileges for the Shark and Monitor accounts are not set to Deny, this is a finding.
Configure RiOS to enforce assigned privilege level for each administrator in accordance with site documented requirements. Navigate to the device Management Console Navigate to Configure >> Security >> User Permissions Remove all values of "Roles and Permissions" for the Monitor and Shark accounts Click "Apply" to save the changes Navigate to the top of the web page and click "Save" to write changes to memory
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer