SV-86067r1_rule
V-71443
SRG-NET-000362-ALG-000112
CAGW-GW-000670
CAT II
10
Open the CA API Gateway - Policy Manager.
Select "Tasks" from the main menu and choose "Create Policy".
Give the policy a name and select "Global Policy Fragment" from the Policy Type drop-down menu.
Select "message-received" from the Policy Tag drop-down menu and click "OK".
Drag the "Apply Rate Limit" Assertion into the newly created Global Policy Fragment.
Set the "Maximum requests per second" and/or "Maximum concurrent requests" and/or "Limit each:" values to meet the organization's requirements to protect against DoS attacks.
Click "Save and Activate".
Open the CA API Gateway - Policy Manager.
Check the lower-left corner of the CA API Gateway - Policy Manager to see if a Global Policy is set that includes an "Apply Rate Limit" Assertion. (Global policies are displayed with a green icon beside their name.)
If the policy does not exist, this is a finding.
If it does exist, verify the Rate Limits are set to meet the organization's security requirements for DoS attacks.
If the Rate Limits are not set to meet the organization's security requirements for DoS attacks, this is a finding.
False
M
3049