Symantec Edge SWG STIG (Y25M11)

Hard 18 items · 2 hours
testuser Published 1 month ago

This checklist translates the Symantec Edge Secure Web Gateway (SWG) STIG (Y25M11) into actionable configuration and validation steps. It’s designed for administrators and security teams who must implement STIG controls for SWG devices in managed environments.

Source: https://ncp.nist.gov/checklist/1321

  1. Download the Symantec Edge SWG STIG and XCCDF — Obtain the Y25M11 STIG and the standalone XCCDF benchmark from DISA (public.cyber.mil).
  2. Confirm device product and firmware match STIG target — Verify CPE/product name and exact software version before applying controls.
  3. Apply vendor-released patches and firmware updates — Install the latest Symantec/Broadcom updates to address known vulnerabilities.
  4. Restrict administrative access to management interfaces — Limit access to trusted hosts and management VLANs only.
  5. Enable role-based access control (RBAC) for administrators — Grant least privilege by assigning only required admin roles.
  6. Disable or rename default administrative accounts — Remove or rename factory accounts to reduce attack surface.
  7. Enforce multi-factor authentication for admin logins — Require MFA for all privileged accounts accessing management interfaces.
  8. Harden management protocols and disable insecure services — Use SSH and HTTPS (TLS); disable Telnet, HTTP, and insecure SNMP versions.
  9. Enable and forward logs to a centralized SIEM — Configure secure syslog/CEF and ensure accurate timestamps via NTP.
  10. Enable TLS inspection and set decryption policies where required — Implement decryption carefully to balance visibility and privacy needs.
  11. Implement web filtering and data loss prevention (DLP) policies — Apply organizational URL categories, file-type controls, and DLP rules.
  12. Review and tune URL categories, allowlists, and blocklists — Adjust categories and exceptions to reduce false positives and gaps.
  13. Enable malware scanning and sandboxing for file traffic — Activate advanced threat detection and quarantine for suspicious files.
  14. Configure secure backups of device configuration — Schedule encrypted backups and store them in an access-controlled location.
  15. Harden network access to the device (ACLs, management VLANs) — Use access control lists and dedicated management networks for admin access.
  16. Perform vulnerability scanning and remediate critical CVEs — Run scans against the appliance and prioritize fixes for critical findings.
  17. Document implemented STIG settings and collect evidence — Record configuration changes, screenshots, and validation output for audits.
  18. Schedule periodic STIG reviews and compliance re-validation — Plan quarterly reviews or after significant changes to maintain compliance.