BlueCoat ProxySG Visual Policy Manager Enhancement

Summary

The BlueCoat ProxySG compliance plugin is being enhanced to support processing and evaluation against the Visual Policy Manager (VPM) configuration. This configuration is stored on the target device as XML. A new check type is being added to the plugin as 'AUDIT_XML_VPM'. This check type supports the usage of XSL transformations to select data for evaluation.

Tenable Plugins

• 70470 - BlueCoat ProxySG Compliance Plugin

Target Release Date

Immediate Release

Example:

The following custom_item will return the output of the Client Cipher name and values for evaluation.

<check_type:"BlueCoat">

<custom_item>

type             : AUDIT_XML_VPM

description : "AUDIT_XML_VPM Client Cipher"

xsl_stmt      : "<xsl:template match=\"vpmapp\">

<xsl:text>Client Cipher Name - </xsl:text><xsl:value-of select=\"conditionObjects/clnt-cipher/@name\"/><xsl:text>&#10;</xsl:text>

<xsl:text>Client Cipher Values - </xsl:text><xsl:value-of select=\"conditionObjects/clnt-cipher/@v\"/>

</xsl:template>"

expect         : "ECDHE-RSA-AES256-GCM-SHA384"

</custom_item>

</check_type>

Additional Notes:

DISA STIG content will be updated to support this new feature. Customers currently using the DISA STIG Symantec ProxySG ALG and NDM audits will begin to see updated check content soon. Please be on the lookout for the next Release Highlight for the audit updates!