CylanceON-PREM must be configured to use a third-party identity provider.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-272627 | CYLN-OP-000010 | SV-272627r1113422_rule | Low |
| Description |
| Configuring CylanceON-PREM to integrate with an Enterprise Identity Provider enhances security, simplifies user management, ensures compliance, provides auditing capabilities, and offers a more seamless and consistent user experience. It aligns CylanceON-PREM with enterprise standards and contributes to a more efficient and secure environment. Satisfies: SRG-APP-000001, SRG-APP-000023, SRG-APP-000025, SRG-APP-000033, SRG-APP-000065, SRG-APP-000118, SRG-APP-000121, SRG-APP-000148, SRG-APP-000149, SRG-APP-000150, SRG-APP-000153, SRG-APP-000154, SRG-APP-000155, SRG-APP-000157, SRG-APP-000163, SRG-APP-000164, SRG-APP-000165, SRG-APP-000166, SRG-APP-000167, SRG-APP-000168, SRG-APP-000169, SRG-APP-000170, SRG-APP-000173, SRG-APP-000176, SRG-APP-000177, SRG-APP-000183, SRG-APP-000185, SRG-APP-000345, SRG-APP-000400, SRG-APP-000401, SRG-APP-000404, SRG-APP-000405, SRG-APP-000461, SRG-APP-000700, SRG-APP-000705, SRG-APP-000710, SRG-APP-000715, SRG-APP-000720, SRG-APP-000730, SRG-APP-000735, SRG-APP-000740, SRG-APP-000815, SRG-APP-000820, SRG-APP-000825, SRG-APP-000830, SRG-APP-000835, SRG-APP-000840, SRG-APP-000845, SRG-APP-000850, SRG-APP-000855, SRG-APP-000860, SRG-APP-000865, SRG-APP-000870, SRG-APP-000875 |
| STIG | Date |
| Arctic Wolf CylanceON-PREM Security Technical Implementation Guide | 2025-06-11 |
Details
| Check Text (C-76708r1113420_chk) |
| Verify Identity Provider (IDP) settings. Administrator privileges are required. Using LDAP: 1. Log in to the admin console. 2. Navigate to Configuration >> Settings. 3. Locate the LDAP section. If LDAP (an authorized IDP) is not configured correctly or is disabled, this is not a finding. Not using LDAP: 1. Log in to the admin console. 2. Navigate to Configuration >> Settings. 3. Locate Identity Provider Settings. Review documentation of allowed IDPs. If IDP settings are not configured correctly or the IDP is disabled or not authorized, this is a finding. |
| Fix Text (F-76613r1113421_fix) |
| Configure CylanceON-PREM to accept authentication from an external identity provider. Administrator privileges are required. Using LDAP: 1. Log in to the admin console. 2. Navigate to Configuration >> Settings. 3. Locate the LDAP section. 4. Enable Identity Provider Settings. 5. Enter the identity provider information. 6. Test the connection. 7. Click the green check. Not using LDAP: 1. Log in to the admin console. 2. Navigate to Configuration >> Settings. 3. Locate Identity Provider Settings. 4. Enable the Identity Provider toggle. 5. Enter the identity provider information. - Single Sign-On: This is the single sign-on or SAML response URL that is provided by the identity provider. - Entity ID: This is the entity ID, issuer, or application name that is provided by the identity provider. - x.509 Certificate: This is provided by the identity provider. 6. Click the green check. CylanceON-PREM will generate a Service Provider Entity ID that the identity provider will need to complete the single sign-on configuration. |