STIGQter: STIG Summary: IBM Hardware Management Console (HMC) STIG Version: 1 Release: 5 Benchmark Date: 20 Jan 2015:

Connection to the Internet for IBM remote support must be in compliance with mitigations specified in the Ports and Protocols and Services Management (PPSM) requirements.

DISA Rule

SV-31589r2_rule

Vulnerability Number

V-25405

Group Title

HMC0225

Rule Version

HMC0225

Severity

CAT I

CCI(s)

CCI-002310 - The organization establishes and documents usage restrictions for each type of remote access allowed.

Weight

Fix Recommendation

Have the Network Security Officer validate that the Internet connection meets the specifications in the PPSM requirements.

Check Contents

Have the Network Security Engineer check, that the remote Internet connection for IBM RSF support has met the mitigations outlined in Vulnerability Analysis for port 443/SSL in the PPSM requirements.

Vulnerability Number

V-25405

Documentable

False

Rule Version

HMC0225

Severity Override Guidance

Have the Network Security Engineer check, that the remote Internet connection for IBM RSF support has met the mitigations outlined in Vulnerability Analysis for port 443/SSL in the PPSM requirements.

Connection to the Internet for IBM remote support must be in compliance with mitigations specified in the Ports and Protocols and Services Management (PPSM) requirements.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments