STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated just now
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to Ivanti Policy Secure NDM Security Technical Implementation Guide

V-284529

CAT I (High)

The Ivanti Policy Secure must be configured to transmit only encrypted representations of passwords.

Rule ID

SV-284529r1244935_rule

STIG

Ivanti Policy Secure NDM Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000197

Discussion

Multifactor authentication (MFA) is required for all administrative and user accounts on network devices, except for an account of last resort and (where applicable) a root account. Passwords should only be used when MFA using public key infrastructure (PKI) is not available, and for the account of last resort and root account.

Check Content

1. In the Web UI, navigate to System >> Configuration >> Inbound SSL Options.
2. Under "Allowed SSL and TLS Version", verify "Accept only TLS 1.2 (maximize security)" is selected.
3. Navigate to System >> Configuration >> Outbound SSL Options.
4. View the setting for "Allowed SSL and TLS Version".

If "Accept only TLS 1.2 (maximize security)" is not checked, this is a finding.

Fix Text

1. In the Web UI, navigate to System >> Configuration >> Inbound SSL Options.
2. Under "Allowed SSL and TLS Version", check the box for "Accept only TLS 1.2 (maximize security)".
3. Click "Save Changes".
4. Click "Proceed" to accept the cipher change.
5. Navigate to System >> Configuration >> Outbound SSL Options.
6. Under "Allowed SSL and TLS Version", check the box for "Accept only TLS 1.2 (maximize security)".
7. Click "Save Changes".
8. Click "Proceed" to accept the cipher change.