Details

To specify the authentication mechanism that F5 systems use for external (remote) users

Rationale:

Uncontrolled and illegitimate authentication could provide access to unauthorized users

Impact:

Uncontrolled and illegitimate authentication mechanism provides access to illegitimates remote users on the systems. It is important to make sure of the right Authentication mechanism used. Radius is configured as Authentication Only. Radius in turns query LDAP for remote users authentication and authorization.

Solution

1-Log in to the Configuration utility using the administrator account.

2-Navigate to System > Users > Authentication.

3-In the Authentication section, click Change.

4-Select Remote – RADIUS from the User Directory drop-down menu.

5-Define the RADIUS server configuration settings, including the port and shared secret settings:

6- For ‘Service Type’: select ‘Authentication Only’

7-Click Finished.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/3587

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system F5.

References

• 800-53|AC-2(1)
• CSCv7|5.1

Source

• Tenable.com/audits