STIGQter STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must maintain a separate execution domain for each executing process.

DISA Rule

SV-80477r1_rule

Vulnerability Number

V-65987

Group Title

SRG-APP-000431

Rule Version

TMDS-00-000310

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to maintain a separate execution domain for each executing process.

Install the Deep Security Manager on a dedicated server within a management zone. Next, connect the DSM to the assigned database provided. The database should be in separate zone with the necessary firewall rules established for communication between the application server and the DB.

Check Contents

Review the Trend Deep Security server configuration to ensure a separate execution domain for each executing process is maintained.

Review the network topology supporting Deep Security for separation of zones and host OS.

If the architecture does separate the Deep Security Manager (DSM) from the Database, this is a finding.

Vulnerability Number

V-65987

Documentable

False

Rule Version

TMDS-00-000310

Severity Override Guidance

Review the Trend Deep Security server configuration to ensure a separate execution domain for each executing process is maintained.

Review the network topology supporting Deep Security for separation of zones and host OS.

If the architecture does separate the Deep Security Manager (DSM) from the Database, this is a finding.

Check Content Reference

M

Target Key

2955

Comments