The Edge must implement load balancing to limit the effects of known and unknown types of denial-of-service (DoS) attacks.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-279219	SRG-NET-000362-ALG-000120	SYME-00-009800	SV-279219r1170647_rule	2025-12-16	1

Description
If the network does not provide safeguards against DoS attacks, network resources will be unavailable to users. Load balancing provides service redundancy, which reduces the susceptibility of the ALG to many DoS attacks. The ALG must be configured to prevent or mitigate the impact on network availability and traffic flow of DoS attacks that have occurred or are ongoing. This requirement applies to the network traffic functionality of the device as it pertains to handling network traffic. Some types of attacks may be specialized to certain network technologies, functions, or services. For each technology, known and potential DoS attacks must be identified and solutions for each type implemented.

Description

If the network does not provide safeguards against DoS attacks, network resources will be unavailable to users. Load balancing provides service redundancy, which reduces the susceptibility of the ALG to many DoS attacks. The ALG must be configured to prevent or mitigate the impact on network availability and traffic flow of DoS attacks that have occurred or are ongoing. This requirement applies to the network traffic functionality of the device as it pertains to handling network traffic. Some types of attacks may be specialized to certain network technologies, functions, or services. For each technology, known and potential DoS attacks must be identified and solutions for each type implemented.

ℹ️ Check
Implementation of multiple Edge SWG nodes must be done in a transparent proxy using an ethernet bridge. This is done using the Symantec Integrates Secure Gateway (ISG). 1. In the Edge SWG Web UI, navigate to the Configuration tab. 2. Go to "Network and Adapters". 3. Scroll down to the "Bridge" section, if a bridge is not configured, this is a finding. If a bridge is configured but the two network interfaces on the ISG are not added, this is a finding.

ℹ️ Check

Implementation of multiple Edge SWG nodes must be done in a transparent proxy using an ethernet bridge. This is done using the Symantec Integrates Secure Gateway (ISG). 1. In the Edge SWG Web UI, navigate to the Configuration tab. 2. Go to "Network and Adapters". 3. Scroll down to the "Bridge" section, if a bridge is not configured, this is a finding. If a bridge is configured but the two network interfaces on the ISG are not added, this is a finding.

✔️ Fix
Implementation of multiple Edge SWG nodes must be done in a transparent proxy using an ethernet bridge. This is done using the Symantec Integrates Secure Gateway (ISG). 1. Log in to the ISG SSH CLI. 2. Enter "enable" and "configure terminal". 3. Enter "bridge view". There should be no interfaces added to a bridge. 4. Enter "bridge edit passthru-2:0 mode fail-closed". 5. Create the network definition and type "network-definition create <NAME>". 6. Add the bridge to the network definition and type "network-definition edit <NAME> add mode reserved bridges passthru-2:0". 7. Add the definition to the Edge SWG image by typing: "applications edit <SWG NAME> network-definition <NAME>". 8. Start the image by entering the command "applications start<SWG NAME>". 9. Repeat these steps for any other Edge SWGs being added for high availability. 1. In the Edge SWG Web UI, navigate to the Configuration tab. 2. Go to "Network and Adapters". 3. Scroll down to the Bridge section and click the "pass-through-2:0" bridge. 4. Click "Add Interface". 5. Find the two interfaces being used and add them. 6. Click "Apply and Save".

✔️ Fix

Implementation of multiple Edge SWG nodes must be done in a transparent proxy using an ethernet bridge. This is done using the Symantec Integrates Secure Gateway (ISG). 1. Log in to the ISG SSH CLI. 2. Enter "enable" and "configure terminal". 3. Enter "bridge view". There should be no interfaces added to a bridge. 4. Enter "bridge edit passthru-2:0 mode fail-closed". 5. Create the network definition and type "network-definition create <NAME>". 6. Add the bridge to the network definition and type "network-definition edit <NAME> add mode reserved bridges passthru-2:0". 7. Add the definition to the Edge SWG image by typing: "applications edit <SWG NAME> network-definition <NAME>". 8. Start the image by entering the command "applications start<SWG NAME>". 9. Repeat these steps for any other Edge SWGs being added for high availability. 1. In the Edge SWG Web UI, navigate to the Configuration tab. 2. Go to "Network and Adapters". 3. Scroll down to the Bridge section and click the "pass-through-2:0" bridge. 4. Click "Add Interface". 5. Find the two interfaces being used and add them. 6. Click "Apply and Save".