STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

Symantec Edge SWG ALG Security Technical Implementation Guide

Version

V1R1

Benchmark ID

Symantec_Edge_SWG_ALG_STIG

Total Checks

15

Tags

application
CAT I: 0CAT II: 15CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSON

Checks (15)

V-279166MEDIUMThe ALG providing user authentication intermediary services must uniquely identify and authenticate nonorganizational users (or processes acting on behalf of nonorganizational users).V-279167MEDIUMThe Edge SWG must implement multifactor authentication for remote access to nonprivileged accounts such that one of the factors is provided by a device separate from the system gaining access.V-279168MEDIUMThe Edge SWG must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).V-279175MEDIUMThe Edge SWG must display the standard mandatory DOD-approved notice and consent banner before granting access to the network.V-279176MEDIUMThe Edge SWG must limit the number of concurrent sessions to an organization-defined number for all accounts and/or account types.V-279177MEDIUMThe Edge SWG must ensure inbound and outbound traffic is monitored for compliance with remote access security policies.V-279178MEDIUMThe Edge SWG must be configured to comply with the required TLS settings in NIST SP 800-52.V-279180MEDIUMThe Edge SWG must be configured to remove or disable unrelated or unneeded application proxy services.V-279187MEDIUMIn the event of a system failure of the ALG function, the Edge SWG must save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted.V-279194MEDIUMThe Edge SWG must generate error messages that provide the information necessary for corrective actions without revealing information that could be exploited by adversaries.V-279203MEDIUMThe Edge SWG must control remote access methods.V-279216MEDIUMThe Edge SWG providing user authentication intermediary services must require users to reauthenticate when organization-defined circumstances or situations require reauthentication.V-279217MEDIUMThe Edge SWG using PKI-based user authentication must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.V-279219MEDIUMThe Edge must implement load balancing to limit the effects of known and unknown types of denial-of-service (DoS) attacks.V-279222MEDIUMThe Edge SWG must fail securely in the event of an operational failure.