STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 25 Jan 2016

The DataPower Gateway providing content filtering must not have a front side handler configured facing an internal network.

DISA Rule

SV-79721r1_rule

Vulnerability Number

V-65231

Group Title

SRG-NET-000192-ALG-000121

Rule Version

WSDP-AG-000045

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

From the initial Web interface screen (the Control Panel), select Objects >> Protocol Handlers >> HTTPS Front Side Handler.

Click on each of the Handlers in the list that appears >> Click the Advanced tab of the Handler configuration.

For the Access Control List field, click “+” to create a new ACL >> Enter a name for the List >> Click the Entry tab >> Click Add >> Select Deny and set the Address Range to network segments representing internal networks >> Click Apply.

Check Contents

From the initial Web interface screen (the Control Panel), select Objects >> Protocol Handlers >> HTTPS Front Side Handler.

Click on each of the Handlers in the list that appears >> Click the Advanced tab of the Handler configuration >> Verify that there is an Access Control List selected >> Click the ellipsis (…) button beside the list.

On the Access Control List page, click the Entry tab >> Verify that the network segments representing internal networks are denied.

If these items are not configured, this is a finding.
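The check above can be repeated offline over an inventory of handlers and their ACL entries. The following Python sketch is an added example, not part of the STIG or of any IBM tooling; the data model, handler and ACL names, internal ranges, and the first-match evaluation order are assumptions made for illustration.

```python
import ipaddress

# Constructed sample inventory (hypothetical names; not a DataPower export format).
INTERNAL_NETS = ["10.0.0.0/8", "192.168.0.0/16"]
HANDLERS = {  # HTTPS Front Side Handler -> selected Access Control List
    "https_fsh_public": "acl_block_internal",
    "https_fsh_partner": "acl_partial",
    "https_fsh_legacy": None,
}
ACLS = {  # ordered (action, address range) entries
    "acl_block_internal": [("deny", "10.0.0.0/8"), ("deny", "192.168.0.0/16"),
                           ("allow", "0.0.0.0/0")],
    "acl_partial": [("allow", "10.1.0.0/16"), ("deny", "10.0.0.0/8"),
                    ("deny", "192.168.0.0/16")],
}

def uncovered(internal, entries):
    """Return the internal networks that the ACL does not fully deny.

    Assumption: entries are evaluated in order and the first match wins.
    A segment counts as denied only when a single deny entry contains it
    and no earlier allow entry overlaps it (conservative: several smaller
    deny ranges that together cover a segment are still reported).
    """
    missing = []
    for net in map(ipaddress.ip_network, internal):
        denied = False
        for action, cidr in entries:
            rng = ipaddress.ip_network(cidr)
            if rng.version != net.version:
                continue
            if action == "allow" and rng.overlaps(net):
                break  # an earlier allow lets part of the segment through
            if action == "deny" and net.subnet_of(rng):
                denied = True
                break
        if not denied:
            missing.append(str(net))
    return missing

def audit(handlers, acls, internal):
    """Map each non-compliant handler to the reason it is a finding."""
    findings = {}
    for name, acl in handlers.items():
        if acl is None or acl not in acls:
            findings[name] = "no Access Control List selected"
            continue
        gaps = uncovered(internal, acls[acl])
        if gaps:
            findings[name] = "internal segments not denied: " + ", ".join(gaps)
    return findings

if __name__ == "__main__":
    for handler, reason in audit(HANDLERS, ACLS, INTERNAL_NETS).items():
        print(f"FINDING {handler}: {reason}")
```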

Documentable

False

Severity Override Guidance


Check Content Reference

M

Target Key

2859
