STIGQter STIGQter: STIG Summary: ISEC7 EMM Suite v6.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2019: The LockOutRealm must be configured with a login lockout time of 15 minutes.

DISA Rule

SV-106389r1_rule

Vulnerability Number

V-97283

Group Title

SRG-APP-000516

Rule Version

ISEC-06-550310

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Add lockOutTime parameter to the LockOutRealm configuration:

Login to the ISEC7 EMM Suite server.
Navigate to <Drive>:\Program Files\Isec7 EMM Suite\Tomcat\Config
Open the server.xml file with Notepad.
Select Edit>Find and search for LockOutRealm.
Add the following line is in the server.xml file:

<Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" >

Restart the ISEC7 EMM Suite Web service in the services.msc

Check Contents

Verify the lockOutTime parameter is set to 900 in the LockOutRealm configuration.

Login to the ISEC7 EMM Suite server.
Navigate to <Drive>:\Program Files\Isec7 EMM Suite\Tomcat\Config
Open the server.xml file with Notepad.
Select Edit >> Find and search for LockOutRealm.
Verify the lockOutTime parameter is set to 900 in the following file:

<Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" >

If the lockOutTime parameter is not set to 900 in the LockOutRealm configuration, this is a finding.

Vulnerability Number

V-97283

Documentable

False

Rule Version

ISEC-06-550310

Severity Override Guidance

Verify the lockOutTime parameter is set to 900 in the LockOutRealm configuration.

Login to the ISEC7 EMM Suite server.
Navigate to <Drive>:\Program Files\Isec7 EMM Suite\Tomcat\Config
Open the server.xml file with Notepad.
Select Edit >> Find and search for LockOutRealm.
Verify the lockOutTime parameter is set to 900 in the following file:

<Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" >

If the lockOutTime parameter is not set to 900 in the LockOutRealm configuration, this is a finding.

Check Content Reference

M

Target Key

3503

Comments