The Riverbed NetIM must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
| Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-275453 | SRG-APP-000148-NDM-000346 | RIIM-DM-000004 | SV-275453r1147409_rule | 2025-09-29 | 1 |
| Description |
|---|
| Authentication for administrative (privileged-level) access to the device is required at all times. An account can be created on the device's local database for use when the authentication server is down or connectivity between the device and the authentication server is not operable. This account is referred to as the account of last resort since it is intended to be used as a last resort and when immediate administrative access is absolutely necessary. |
| ℹ️ Check |
|---|
| Verify only the account of last resort, "admin", exists on the device. In the GUI, navigate to Configure >> All Settings >> Administer >> User Management. If local user accounts exist other than the account of last resort, this is a finding. |
| ✔️ Fix |
|---|
| Use of the default GUI account "admin" as the account of last resort is strongly recommended. It must have a DOD-compliant password, and that password must be securely stored in a safe for emergency, but not day-to-day, use. The "NetIMAdmin" default shell account cannot be changed but must be the only user shell account. It must have a DOD-compliant password. Remove all GUI local accounts other than the default admin account. 1. In the GUI, navigate to Configure >> All Settings >> Administer >> User Management. 2. In the Local Users section, click the "X" icon in the Actions column of the user's entry. The NetIMAdmin shell account must remain the only local login account at this level. |