Compliance Guardian must conform to FICAM-issued profiles.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-256847 | APCG-00-000040 | SV-256847r890151_rule | CCI-002014 | medium |
| Description | ||||
| Without conforming to FICAM-issued profiles, the information system may not be interoperable with FICAM-authentication protocols, such as SAML 2.0 and OpenID 2.0. This requirement addresses open identity management standards. | ||||
| STIG | Date | |||
| AvePoint Compliance Guardian Security Technical Implementation Guide | 2023-02-21 | |||
Details
Check Text (C-256847r890151_chk)
Note: This requirement is Not Applicable is ADFS is not being utilized.
Check the Compliance Guardian configuration option for ADFS Integration.
- Log on to Compliance Guardian with admin account.
- On the Control Panel page in the General Security section, click "Authentication Manager".
- Verify that the ADFS Integration option is enabled.
If the ADFS Integration is not enabled, this is a finding.
Fix Text (F-60465r890150_fix)
Configure Compliance Guardian to use ADFS Integration.
- Log on to Compliance Guardian with admin account.
- On the Control Panel page in the General Security section, click "Authentication Manager".
- Click "ADFS Integration" to open ADFS Integration Configuration Wizard page and complete the configuration.
- Click "Enable" link of the "ADFS Integration" row to enable ADFS Integration.
- Back to the Control Panel page in the Account section, click "Users".
- Navigate to "Add User" page.
- Select "ADFS Claim" from the drop-down list in the "User Type" field.
- Select the Claim Name and input the Claim Value in the "How Would You Like To Retrieve User Information" field.
- Save the settings.