Check: GSAP-00-000565
Google Search Appliance STIG: GSAP-00-000565 (in version v1 r1)
Title
The Google Search Appliance must support organizational requirements to enforce password encryption for transmission. (Cat II impact)
Discussion
Passwords need to be protected at all times and encryption is the standard method for protecting passwords during transmission.
Check Content
Open the GSA Web Admin Console at https://<your GSA IP or hostname>:8443. Log in to the GSA management interface. Navigate to "Administration" and select "SSL Settings". Under "Other Settings", if "Use HTTPS when serving both public and secure results" is checked, this is not a finding.
Fix Text
Open the GSA Web Admin Console at https://<your GSA IP or hostname>:8443. Log in to the GSA management interface. Navigate to "Administration" and select "SSL Settings". Under "Other Settings", enable the option "Use HTTPS when serving both public and secure results". Click Save.
Additional Identifiers
Rule ID: SV-75237r1_rule
Vulnerability ID: V-60785
Group Title: SRG-APP-000172
CCIs
Number | Definition |
---|---|
CCI-000197 | For password-based authentication, transmit passwords only over cryptographically-protected channels. |
Controls
Number | Title |
---|---|
IA-5(1) | Password-based Authentication |