Rule ID
SV-284544r1244957_rule
Version
V1R1
CCIs
Nonlocal maintenance and diagnostic activities are conducted by individuals who communicate through either an external or internal network. Communications paths can be logically separated using encryption.
1. In the Web UI, navigate to Administrators >> Admins Realms >> Admin Users >> Authentication Policy. 2. Click the configured admin realm being used for common access card (CAC)/public key infrastructure (PKI) token admin logins. 3. Click the "Authentication Policy" tab, then click "Source IP". In "Administrator Sign in Port" if there are any ports selected for "Administrator Sign in" other than "Management Port", this is a finding.
1. In the Web UI, navigate to Administrators >> Admins Realms >> Admin Users >> Authentication Policy. 2. Click the configured admin realm used for CAC/PKI token admin logins. 3. Click the "Authentication Policy" tab, then click "Source IP". 4. In "Administrator Sign in Port" under Administrator Sign in Ports Select only the "Management Port".