STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Symantec Edge SWG ALG Security Technical Implementation Guide

V-279203

CAT II (Medium)

The Edge SWG must control remote access methods.

Rule ID

SV-279203r1170670_rule

STIG

Symantec Edge SWG ALG Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-002314CCI-002347CCI-002403CCI-002656CCI-002684CCI-002661CCI-002662CCI-002664

Discussion

Remote access devices, such as those providing remote access to network devices and information systems, lack automated control capabilities, increase risk and make remote user access management difficult. Remote access is access to DOD-nonpublic information systems by an authorized user (or an information system) communicating through an external, nonorganization-controlled network. Remote access methods include broadband and wireless connections, for example, proxied remote encrypted traffic (e.g., TLS gateways, web content filters, and webmail proxies). This requirement applies to ALGs providing remote access proxy services as part of its intermediary services (e.g., OWA or TLS gateway). ALGs that proxy remote access must be capable of taking enforcement action (i.e., blocking, restricting, or forwarding to an enforcement mechanism) if traffic monitoring reveals unauthorized activity. Satisfies: SRG-NET-000313-ALG-000010, SRG-NET-000319-ALG-000153, SRG-NET-000364-ALG-000122, SRG-NET-000383-ALG-000135, SRG-NET-000385-ALG-000137, SRG-NET-000385-ALG-000138, SRG-NET-000390-ALG-000139, SRG-NET-000391-ALG-000140, SRG-NET-000392-ALG-000141, SRG-NET-000392-ALG-000142, SRG-NET-000392-ALG-000143, SRG-NET-000392-ALG-000147, SRG-NET-000392-ALG-000148

Check Content

1. In the Edge SWG Web UI, navigate to the Administration tab.
2. Click "Data and Cloud Services", then "Content Filtering".
3. If BlueCoat Content Filtering is disabled, this is a finding.
4. Click "BlueCoat". 

If the Lookup Mode is not set to "Always", this is a finding.

1. In the Edge SWG Web UI, navigate to the VPM.
2. Go to the Web Access Layer.

If there are no URL filtering rules created, this is a finding.

If there is a URL filtering list and no categories are selected, this is a finding.

Fix Text

1. In the Edge SWG Web UI, navigate to the Administration tab.
2. Click "Data and Cloud Services", then "Content Filtering".
3. Enable BlueCoat Content Filtering.
4. Click "BlueCoat" and check the box for "Always" under "Lookup Mode".
5. Test the download. If the URL cannot be reached, troubleshoot before proceeding to determine if there are networking, reachability, or routing issues.

1. In the Edge SWG Web UI, navigate to the VPM.
2. Go to the Web Access Layer.
3. Create a URL filter list rule if one has not been created, click "Add Rule".
4. For source use "Any".
5. Under "Destination", left-click and then click "Set".
6. Click "Add new Object and Request URL Category".
7. Enter a name and click the "BlueCoat" area.
8. Click each category that users will be blocked from accessing, then click "Apply and Set".
9. Under Service, click the "All HTTP" client protocol.
10. Click "Set".
11. Under "Action", click the "DOD-BLOCK" exception page previously created.
12. Under "Track", click the EventLog tracking previously created.
13. Repeat these steps for all other client protocol services for which forward proxying for users will be completed.
14. Click "Apply Policy".