CylanceON-PREM must be configured with a DOD issued certificate (or another authorizing official [AO]-approved certificate).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-272639 | CYLN-OP-000835 | SV-272639r1113556_rule | Medium |
| Description |
| The DOD will only accept PKI certificates obtained from a DOD-approved internal or external certificate authority. Reliance on certificate authorities (CAs) for the establishment of secure sessions includes, for example, the use of TLS certificates. This requirement focuses on communications protection for the CylanceON-PREM session rather than for the network packet. This requirement applies to applications that use communications sessions. This includes, but is not limited to, web-based applications and Service-Oriented Architectures (SOAs). Using a trusted access credential reduces risk of unauthorized access. Satisfies: SRG-APP-000391, SRG-APP-000175, SRG-APP-000392, SRG-APP-000402, SRG-APP-000403, SRG-APP-000427 |
| STIG | Date |
| Arctic Wolf CylanceON-PREM Security Technical Implementation Guide | 2025-06-11 |
Details
| Check Text (C-76720r1113555_chk) |
| Verify Certificate-Based Authentication Settings. Administrator privileges are required. 1. Log in to the admin console. 2. Navigate to CONFIGURATION >> Settings. 3. Find Certificate-Based Authentication. 4. Click "Edit" to open configuration. If Certificate-Based Authentication is not enabled, this is a finding. If the certificate is not a DOD-issued certificate (or other AO-approved certificate), this is a finding. |
| Fix Text (F-76625r1112766_fix) |
| Configure Certificate-Based Authentication Settings. Administrator privileges are required. 1. Log in to the admin console. 2. Navigate to CONFIGURATION >> Settings. 3. Find Certificate-Based Authentication. 4. Click "Edit" to open configuration. 5. Turn on the Certificate-Based Authentication setting. 6. Click "Add Certificate". 7. Browse for the file or drag and drop the file to upload it. (Note: The certificate must be a DOD-issued certificate or other AO-approved certificate.) 8. Click "Upload Certificate". 9. Click the green check to save changes. |