Check: RINP-DM-000064
Riverbed NetProfiler STIG:
RINP-DM-000064
(in version v1 r1)
Title
The Riverbed NetProfiler must be configured to conduct backups of system-level information and system documentation, including security-related documentation, when changes occur or weekly, whichever is sooner. (Cat III impact)
Discussion
System-level information includes default and customized settings and security attributes, including access control lists (ACLs) that relate to the network device configuration, as well as software required for the execution and operation of the device. Information system backup is a critical step in ensuring system integrity and availability. If the system fails and there is no backup of the system-level information, a denial-of-service condition is possible for all who use this critical network component. This control requires the network device to support the organizational central backup process for system-level information associated with the network device. This function may be provided by the network device itself; however, the preferred best practice is a centralized backup rather than each network device performing discrete backups. The backup feature securely copies traffic and configuration information to a specified backup system. NetProfiler cannot be configured to automatically run backups, but backups can be configured and run manually via the Backup page. Manually back up the system periodically in accordance with the site System Security Plan (SSP). NetExpress packet logs and index files are not backed up. Additionally, capture jobs are not restored if the backup and restore operations are performed from a physical NetExpress to a virtual edition or vice versa. The NetProfiler uses the SSH public key to connect to a backup server for running backups. Satisfies: SRG-APP-000516-NDM-000340, SRG-APP-000516-NDM-000341
Check Content
Review the SSP to determine the site's network device backup policy. Check the NetProfiler backup log to verify regular backups are being performed. Go to System >> Backup. View if there is a recent backup. If the site does not conduct backups of system-level information contained in the information system when changes occur, this is a finding.
Fix Text
Manually back up via the configuration periodically in accordance with the SSP. Go to System >> Backup. Enter details about what information must be backed up, where it is backed up, and who is notified when the backup is completed. Click "Run Backup".
Additional Identifiers
Rule ID: SV-256096r882796_rule
Vulnerability ID: V-256096
Group Title: SRG-APP-000516-NDM-000340
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
CCI-000537 |
The organization conducts backups of system-level information contained in the information system per organization-defined frequency that is consistent with recovery time and recovery point objectives. |
CCI-000539 |
The organization conducts backups of information system documentation, including security-related documentation, per an organization-defined frequency that is consistent with recovery time and recovery point objectives. |