STIGQter: STIG Summary: IBM DataPower Network Device Management Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Oct 2017:

The DataPower Gateway must obtain its public key certificates from an appropriate certificate policy through an approved service provider.

DISA Rule

SV-79677r1_rule

Vulnerability Number

V-65187

Group Title

SRG-APP-000516-NDM-000344

Rule Version

WSDP-NM-000141

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-001159 - The organization issues public key certificates under an organization-defined certificate policy or obtains public key certificates from an approved service provider.

Weight

10

Fix Recommendation

Go to Objects >> Crypto Configuration >> Crypto Certificate (for certs) or Crypto Key (for keys) to upload external keys/certs to the encrypted flash or FIPS 140-2 Level 3 HSM.

Check Contents

Go to Objects >> Crypto Configuration >> Crypto Certificate (for certs) or Crypto Key (for keys) to verify external keys/certs on the encrypted flash or FIPS 140-2 Level 3 HSM. If none exist, this is a finding.

Vulnerability Number

V-65187

Documentable

False

Rule Version

WSDP-NM-000141

Severity Override Guidance

Go to Objects >> Crypto Configuration >> Crypto Certificate (for certs) or Crypto Key (for keys) to verify external keys/certs on the encrypted flash or FIPS 140-2 Level 3 HSM. If none exist, this is a finding.

Check Content Reference

M

Target Key

2861

Comments