Details
Next, if you haven’t done this already, configure the BIG-IP for remote authentication against, say, the enterprise Active Directory repository. Make this happen from the System > Users > Authentication screen and ensure that the default role is Application Editor or less.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
1. Log in to the Configuration utility as the administrative user.
2. Navigate to System > Users > Remote Role Groups.
3. Select Group Name and edit Assigned Role.
4. Click Update.
You can use the /auth remote-role command to provide somewhat granular authorization to each user group.
(tmos)# help /auth remote-role
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system F5.
References
- 800-53|CM-5(1)
- CAT|II
- CCI|CCI-001813
- Rule-ID|SV-74639r1_rule
- STIG-ID|F5BI-DM-000213
- Vuln-ID|V-60209