Akamai KSD Service IL2 STIG Version 1 Checklist Details

Supporting Resources:

Target:

Akamai Kona Site Defender Service Impact Level 2

CPE Name:

cpe:/a:akamai:kona_site_defender_service

Checklist Highlights

Checklist Name:
Akamai KSD Service IL2 STIG
Checklist ID:
814
Version:
Version 1
Type:
Compliance
Review Status:
Final
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
09/19/2017

Checklist Summary:

Akamai Kona Site Defender (KSD) Service Impact Level 2 (IL2) Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to the Akamai KSD configuration and administrative web portal access. The Akamai KSD is a cloud service providing web application firewall (WAF) protections inline between web servers and users. This Akamai KSD Service IL2 STIG provides technical guidance for configuring the management portal and the WAF itself. The management portal guidance is based on the Network Device Management (NDM) Security Requirements Guide (SRG), which covers authentication, authorization, audit, and user access. The WAF, to include the optional Client Reputation module, is based on the Application Layer Gateway (ALG) SRG, which includes reverse proxy, protocol/port filtering, and protocol header inspection. The scope of the Akamai KSD Service IL2 STIG limits implementation to Impact Level 2 as defined in the Cloud Computing SRG. For implementations of higher Impact Levels, further risk evaluation will need to be performed using the ALG SRG requirements for those intermediary services implemented, such as remote access control and user authentication/authorization. Further, higher Impact Levels must meet the requirements set forth in the Internet NIPRNet DoD

Checklist Role:

  • Business Productivity Application

Known Issues:

Not provided.

Target Audience:

Not provided.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DoD Instruction (DoDI) 8500.01

Comments/Warnings/Miscellaneous:

All technical NIST SP 800-53 requirements were considered while developing this STIG. Requirements that are applicable and configurable will be included in the final STIG. A report marked For Official Use Only (FOUO) will be available for those items that did not meet requirements. This report will be available to component Authorizing Official (AO) personnel for risk assessment purposes by request via email to: disa.stig_spt@mail.mil.

Disclaimer:

Not provided.

Product Support:

Parties within the DoD and Federal Government’s computing environments can obtain the applicable STIG from the Information Assurance Support Environment (IASE) website. This site contains the latest copies of any STIGs, SRGs, and other related security information. The address for the IASE site is http://iase.disa.mil/.

Point of Contact:

disa.stig_spt@mail.mil

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

Updated information to reflect executive summary - 11/20/2017
Moved to FINAL - 03/30/2018
Updated URLs - 6/4/19

Dependency/Requirements:

References:

  • Akamai KSD Service IL2 STIG Ver 1 Release Memo: https://dl.dod.cyber.mil/wp-content/uploads/stigs/pdf/U_Akamai_KSD_STIG_Ver1_Release_Memo.pdf
  • Akamai KSD Service IL2 STIG Overview: https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Akamai_KSD_Service_IL2_V1R1_Overview.zip

NIST checklist record last modified on 06/05/2019