Check: AADC-AG-000157
A10 Networks ADC ALG STIG:
AADC-AG-000157
(in versions v2 r1 through v1 r1)
Title
The A10 Networks ADC must be a FIPS-compliant version. (Cat I impact)
Discussion
Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The network element must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated. FIPS compliance is mandated for many functions of network devices. The A10 Networks ADC platforms are either FIPS-compliant versions or non-compliant versions. It is necessary to deploy the FIPS-compliant versions of the model(s). FIPS versions are identified by the designation "FIPS" in the stock keeping unit (SKU).
Check Content
The following command shows the version of ACOS used and other related information: show version If the output does not include "Platform features: fips", this is a finding.
Fix Text
Verify that the units deployed are the FIPS-compliant versions. This is identified by the designation "FIPS" in the stock keeping unit (SKU).
Additional Identifiers
Rule ID: SV-237064r639639_rule
Vulnerability ID: V-237064
Group Title: SRG-NET-000512-ALG-000062
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |