Ensure External Users’ role is set to ‘No Access’

Details

To set a default role for remote users Authentication and authorization for remote users are handled by third party system

Rationale:

Impact:

Providing remote users with a preconfigured role might allow unauthorized access to these users.

Solution

1. Log in to the Configuration utility.

2. Go to System > Users > Authentication.

3. Under External Users , click ‘Change’.

4. Set Role to ‘No Access’.

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/3587

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management, Identification and Authentication.This control applies to the following type of system F5.

References

800-53|CM-1
800-53|CM-2
800-53|CM-6
800-53|CM-7
800-53|IA-5
CSCv7|4.6

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles