The Edge SWG must be configured to use tlsv1.2 or greater.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-279249 | SYME-ND-000110 | SV-279249r1170513_rule | CCI-000197 | high |
| Description | ||||
| Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised. Network devices can accomplish this by making direct function calls to encryption modules or by leveraging operating system encryption capabilities. | ||||
| STIG | Date | |||
| Symantec Edge SWG NDM Security Technical Implementation Guide | 2026-02-25 | |||
Details
Check Text (C-279249r1170513_chk)
1. Log in to the Edge SWG SSH CLI.
2. Enter "enable" and "configure terminal".
3. Enter "management-services".
4. Enter "edit https-console".
5. Enter "view".
If the "SSL Protocol version" does not equal both "tlsv1.2" and "tlsv1.3", this is a finding.
Fix Text (F-83704r1170512_fix)
1. Log in to the Edge SWG SSH CLI.
2. Enter "enable" and "configure terminal".
3. Enter "management-services".
4. Enter "edit https-console".
5. Enter "attribute ssl-versions tlsv1.2 tlsv1.3".