Xylok Security Suite 20.x STIG Version Comparison
Xylok Security Suite 20.x Security Technical Implementation Guide
Comparison
There are 3 differences between versions v1 r1 (Dec. 10, 2024) (the "left" version) and v1 r2 (Jan. 5, 2026) (the "right" version).
Check XYLK-20-000003 was changed between these two versions. Green, underlined text was added, red, struck-out text was removed.
Text Differences
Title
Xylok Security Suite must initiate a session lock after a 15-minute period of inactivity.
Check Content
Verify session is configured to lock after 15 minutes of inactivity. Execute the following:
    $ grep SESSION_LENGTH /etc/xylok.conf
    SESSION_LENGTH=900
If "SESSION_LENGTH" is set to more than 15 minutes or is missing, this is a finding.
Note: The setting is in seconds. 900 seconds = 15 minutes.
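An added example (not part of the STIG or of Xylok's own tooling) that automates this check, assuming /etc/xylok.conf holds one KEY=VALUE assignment per line and that "#" starts a comment. The function name check_session_length is hypothetical and the sample file is constructed.

```shell
#!/bin/sh
# Added example: audit SESSION_LENGTH as described in check XYLK-20-000003.
# Returns 0 when the setting passes, 1 when it is a finding.
MAX_SECONDS=900   # 15 minutes, the limit stated in the check

check_session_length() {
    conf=$1
    if [ ! -r "$conf" ]; then
        echo "FINDING: cannot read $conf"
        return 1
    fi
    # Keep only uncommented assignments. A plain grep also matches lines
    # such as "#SESSION_LENGTH=900", which would hide a missing setting.
    # Assumption: optional whitespace around "=" is accepted here; the
    # page does not say whether Xylok accepts it.
    values=$(sed -n 's/^[[:space:]]*SESSION_LENGTH[[:space:]]*=[[:space:]]*//p' "$conf" |
        sed 's/[[:space:]]*$//')
    if [ -z "$values" ]; then
        echo "FINDING: SESSION_LENGTH is missing from $conf"
        return 1
    fi
    status=0
    # Assumption: with duplicate entries, every one must comply, because
    # the page does not say which entry takes effect.
    while IFS= read -r v; do
        case $v in
            '' | *[!0-9]*)
                echo "FINDING: SESSION_LENGTH='$v' is not a number of seconds"
                status=1 ;;
            *)
                if [ "$v" -gt "$MAX_SECONDS" ]; then
                    echo "FINDING: SESSION_LENGTH=$v exceeds $MAX_SECONDS seconds"
                    status=1
                else
                    echo "OK: SESSION_LENGTH=$v"
                fi ;;
        esac
    done <<EOF
$values
EOF
    return $status
}

# Constructed sample file (not a real Xylok configuration).
sample=$(mktemp)
printf '%s\n' '#SESSION_LENGTH=900' 'SESSION_LENGTH=1800' > "$sample"
check_session_length "$sample" || echo "result: finding"
rm -f "$sample"
```

On a host under review, call check_session_length /etc/xylok.conf and record the printed line with the exit status.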
Discussion
A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system, but does not log out because of the temporary nature of the absence. The session lock is implemented at the point where session activity can be determined and/or controlled. This is handled at the operating system-level and results in a system lock.
Satisfies: SRG-APP-000003, SRG-APP-000190
Fix
Set the session length:
1. As root, open /etc/xylok.conf in a text editor.
2. Add/Amend "SESSION_LENGTH=900" to the configuration file.
3. Restart Xylok to apply settings by executing the following:
    # systemctl restart xylok