![]() ![]() The Horizon Connection Server must backup its configuration daily. It can be disabled by adding the entry "x-frame-options=OFF". RFC 7034 HTTP Header Field X-Frame-Options, also known as counter clickjacking, is enabled by default on the Horizon Connection Server. The Horizon Connection Server must have X-Frame-Options enabled. The Horizon Connection Server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.Ĭonfiguring the application to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security. Unapproved cryptographic module algorithms cannot be verified and cannot be relied upon to provide confidentiality or integrity, and. The Horizon Connection Server must only use FIPS 140-2 validated cryptographic modules.Įncryption is only as good as the encryption modules utilized. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Security flaws with software applications are discovered daily. ![]() CAC login can be configured as disabled, optional or required but for maximum assurance it.Īll Horizon components must be running supported versions. The Horizon Connection Server console supports CAC login as required for cryptographic non-repudiation. The Horizon Connection Server must require DoD PKI for administrative logins. The Horizon Connection Server must be configured to only support TLS 1.2 connections. Preventing the disclosure of transmitted information requires that the application server take measures to employ strong cryptographic mechanisms to protect the information during transmission. The Blast Secure Gateway must be configured to only support TLS 1.2 connections. The Horizon Connection Server must force server cipher preference.īy default, during the initial setup of a Transport Layer Security (TLS) connection to the Horizon Connection Server, the client sends a list of supported cipher suites in order of preference. Findings (MAC III - Administrative Sensitive) Finding ID
0 Comments
Leave a Reply. |