STIGQter: STIG Summary: CA API Gateway ALG Security Technical Implementation Guide, Version: 1, Release: 2, Benchmark Date: 28 Apr 2017

The CA API Gateway must implement load balancing to limit the effects of known and unknown types of Denial of Service (DoS) attacks.

DISA Rule

SV-86069r1_rule

Vulnerability Number

V-71445

Group Title

SRG-NET-000362-ALG-000120

Rule Version

CAGW-GW-000680

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Open the CA API Gateway - Policy Manager and double-click all Registered Services requiring load balancing.

Verify/add a "Route via HTTP(S)" Assertion within the policy and double-click it.

Click the "Connection" button and choose either the "Use the following IP addresses:" or "Use multiple URLs:" radio button.

Configure multiple IP addresses/URLs and set the Failover strategy in accordance with organizational requirements.

Check Contents

Open the CA API Gateway - Policy Manager and double-click all Registered Services requiring load balancing.

Verify there is a "Route via HTTP(S)" Assertion included in the policy and double-click it.

Click the "Connection" button and verify either the "Use the following IP addresses:" or "Use multiple URLs:" radio button is selected and that multiple URLs/IP addresses are listed in the box.

If the assertion is not included within the policies or multiple URLs/IP addresses are not being used, this is a finding.

Documentable

False

Check Content Reference

M

Target Key

3049

Comments