From Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide
Part of SRG-APP-000408-NDM-000314
Associated with: CCI-000366 CCI-002883
There are security-related issues arising from software brought into the network device specifically for diagnostic and repair actions (e.g., a software packet sniffer installed on a device in order to troubleshoot system traffic, or a vendor installing or running a diagnostic application in order to troubleshoot an issue with a vendor-supported device). If maintenance tools are used by unauthorized personnel, they may accidentally or intentionally damage or compromise the system.
Verify that RiOS is configured so that performing maintenance functions is restricted to authorized personnel only. Navigate to the device Management Console Navigate to Configure >> Security >> User Permissions Verify that only authorized personnel have the permissions to perform maintenance functions If user permissions for authorized personnel are not set to authorize maintenance functions, this is a finding.
Configure RiOS to restrict use of maintenance functions to authorized personnel only. Navigate to the device Management Console Navigate to Configure >> Security >> User Permissions Click "Add New User Account" under "Role Based Accounts" Set User Permissions of authorized personnel to allow performance of maintenance functions Click "Add" Navigate to the top of the web page and click "Save" to save these settings permanently
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer