STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.

DISA Rule

SV-80393r1_rule

Vulnerability Number

V-65903

Group Title

SRG-APP-000142

Rule Version

TMDS-00-000130

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.

From the top menu select Policies >> New >> New Policy.

Enter a Name for the new policy; In Inherit from, select “None”.

Click “Next” and Select “Yes”.

Choose the applicable computers that will inherit this policy, and click “Next”.

Ensure all options are selected from the “Select which Computer properties to base new Policy on:” window, and click “Next”.

Click “Finish”.

Check Contents

Review the Trend Deep Security server to ensure the use of functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments, are prohibited or restricted.

Review the firewall policy for approved ports, protocols and services associated within a defined group or a selected computer by selecting Computers, on the top menu bar.

Choose the appropriate group and within the main page, select a computer for review.

Double-click the selected computer and click "Firewall".

Verify the following settings are enabled:

Configuration: Inherit or On
State: Activated
Firewall Stateful Configurations: Inherited (If managed through a group policy)
Assigned Firewall Rules: (are configured in accordance with local security policy)

If the options identified are not set or configured in accordance with local policy, this is a finding.

Vulnerability Number

V-65903

Documentable

False

Rule Version

TMDS-00-000130

Severity Override Guidance

Review the Trend Deep Security server to ensure the use of functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments, are prohibited or restricted.

Review the firewall policy for approved ports, protocols and services associated within a defined group or a selected computer by selecting Computers, on the top menu bar.

Choose the appropriate group and within the main page, select a computer for review.

Double-click the selected computer and click "Firewall".

Verify the following settings are enabled:

Configuration: Inherit or On
State: Activated
Firewall Stateful Configurations: Inherited (If managed through a group policy)
Assigned Firewall Rules: (are configured in accordance with local security policy)

If the options identified are not set or configured in accordance with local policy, this is a finding.

Check Content Reference

M

Target Key

2955

Comments