STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Jan 2016:

The DataPower Gateway providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when unauthorized network services are detected.

DISA Rule

SV-79777r1_rule

Vulnerability Number

V-65287

Group Title

SRG-NET-000385-ALG-000138

Rule Version

WSDP-AG-000110

Severity

CAT II

CCI(s)

• CCI-002684 - The information system audits and/or alerts organization-defined personnel when unauthorized network services are detected.

Weight

10

Fix Recommendation

Using the WebGUI, go to Network >> Management >> Web Management Service. Check the "WS-Management endpoint" checkbox. Configure an IP and port for the WS-Management endpoint to connect to.

Using the service monitoring data provided by the DataPower Gateway, the WS-Management endpoint would be responsible for detecting the use of unauthorized network services and then generating an alert.

Check Contents

Using the WebGUI, go to Network >> Management >> Web Management Service. The "WS-Management endpoint" checkbox should be checked. Verify an IP and port for the WS-Management endpoint to connect to.

If the WS-Management endpoint is not enabled (checked) or not configured, this is a finding.

Vulnerability Number

V-65287

Documentable

False

Rule Version

WSDP-AG-000110

Severity Override Guidance

Using the WebGUI, go to Network >> Management >> Web Management Service. The "WS-Management endpoint" checkbox should be checked. Verify an IP and port for the WS-Management endpoint to connect to.

If the WS-Management endpoint is not enabled (checked) or not configured, this is a finding.

Check Content Reference

M

Target Key

2859

Comments