UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Akamai KSD Service Impact Level 2 NDM Security Technical Implementation Guide


Overview

Date Finding Count (24)
2017-09-15 CAT I (High): 2 CAT II (Med): 20 CAT III (Low): 2
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Sensitive)

Finding ID Severity Title
V-76503 High The Akamai Luna Portal must employ Single Sign On (SSO) with Security Assertion Markup Language (SAML) integration to verify authentication settings.
V-76501 High The Akamai Luna Portal must employ Security Assertion Markup Language (SAML) to automate central management of administrators.
V-76487 Medium If multifactor authentication is not supported and passwords must be used, the Akamai Luna Portal must enforce password complexity by requiring that at least one upper-case character be used.
V-76485 Medium The Akamai Luna Portal must enforce a minimum 15-character password length.
V-76489 Medium If multifactor authentication is not supported and passwords must be used, the Akamai Luna Portal must enforce password complexity by requiring that at least one lower-case character be used.
V-76461 Medium The Akamai Luna Portal must initiate a session logoff after a 15-minute period of inactivity.
V-76463 Medium The Akamai Luna Portal must automatically audit account creation.
V-76465 Medium The Akamai Luna Portal must automatically audit account modification.
V-76467 Medium The Akamai Luna Portal must automatically audit account removal actions.
V-76469 Medium The Akamai Luna Portal must generate alerts that can be forwarded to the SAs and ISSO when accounts are created.
V-76491 Medium If multifactor authentication is not supported and passwords must be used, the Akamai Luna Portal must enforce password complexity by requiring that at least one numeric character be used.
V-76493 Medium If multifactor authentication is not supported and passwords must be used, the Akamai Luna Portal must enforce password complexity by requiring that at least one special character be used.
V-76495 Medium The Akamai Luna Portal must enforce a 60-day maximum password lifetime restriction.
V-76497 Medium The Akamai Luna Portal must prohibit password reuse for a minimum of five generations.
V-76499 Medium The Akamai Luna Portal must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 15 minutes of inactivity except to fulfill documented and validated mission requirements.
V-76473 Medium The Akamai Luna Portal must generate alerts that can be forwarded to the SAs and ISSO when accounts are removed.
V-76457 Medium Upon successful login, the Akamai Luna Portal must notify the administrator of the date and time of the last login.
V-76479 Medium The Akamai Luna Portal must audit the execution of privileged functions.
V-76477 Medium The Akamai Luna Portal must notify the SAs and ISSO when accounts are created, or enabled when previously disabled.
V-76475 Medium The Akamai Luna Portal must automatically audit account enabling actions.
V-76459 Medium The Akamai Luna Portal must notify the administrator of the number of successful login attempts.
V-76471 Medium The Akamai Luna Portal must generate alerts that can be forwarded to the SAs and ISSO when accounts are modified.
V-76483 Low The Akamai Luna Portal must generate audit records when successful/unsuccessful attempts to access privileges occur.
V-76481 Low The Akamai Luna Portal must provide audit record generation capability for DoD-defined auditable events within the network device.