The Bromium Enterprise Controller (BEC) must protect the BEC Web Console from unauthorized access.

From Bromium Secure Platform 4.x Security Technical Implementation Guide

Associated with: CCI-001493

SV-95135r1_rule The Bromium Enterprise Controller (BEC) must protect the BEC Web Console from unauthorized access.

Vulnerability discussion

Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit data.The BEC Web console can gives a view of events, threat conditions, policies, and client information and thus is considered an audit tool. BEC does not allow the integration of other audit tool provided by third-party vendors. The BEC Web console access is configured in Settings >> Users.

Check content

Obtain a list of authorized BEC Web console users from the site representative. Verify only these users are configured for access. 1. From the BEC console, click on "Settings". 2. View the list of Users. If unauthorized users are listed in the BEC Web console, this is a finding.

Fix text

Configure BEC Web console access to permit only authorized users. 1. From the BEC console, click on "Settings". 2. Select "Users". 3. Click User Options >> Add User. 4. Add new user and their Active Directory details, and assign new user to a Group using the drop-down list.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.