STIGQter STIGQter: STIG Summary: VMware AirWatch v9.x MDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 19 Sep 2016: The AirWatch MDM Agent must be configured for the periodicity of reachability events for six hours or less.

DISA Rule

SV-86253r1_rule

Vulnerability Number

V-71629

Group Title

PP-MDM-201101

Rule Version

VMAW-09-100010

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure the AirWatch MDM Agent periodicity of reachable events to six hours or less.

On the AirWatch console do the following:

1. Log into the AirWatch MDM Administration console.
2. Choose "Groups and Settings".
3. Choose "All Settings".
4. Choose "Devices and Users".
5. Choose "Android".
6. Choose "Agent Settings".
7. Set options "Heartbeat Interval", "Data Sample Interval", "Data Transmit Interval", "Profile Refresh Interval", and "Application List Interval" to six hours or less.
8. Click "Save".
9. Choose "Apple".
10. Choose "MDM Sample Schedule".
11. Set options "Device Information Sample", "Application List Sample", "Certificate List Sample", "Profile List Sample", 'Provisioning Profile List Sample", "Restriction List Sample", "Security Information Sample", "Managed App List Sample", "MDM Agent Sample", and "Non-Compliant Device Sample" to six hours or less.
12. Click "Save".

Check Contents

Review the AirWatch MDM Agent documentation and configuration settings to determine if the periodicity of reachable events is set to six hours or less.

On the AirWatch console complete the following procedure:

1. Log into the AirWatch MDM Administration console.
2. Choose "Groups and Settings".
3. Choose "All Settings".
4. Choose "Devices and Users".
5. Choose "Android".
6. Choose "Agent Settings".
7. Verify that options "Heartbeat Interval", "Data Sample Interval", "Data Transmit Interval", "Profile Refresh Interval", and "Application List Interval" are set to six hours or less.
8. Choose "Apple".
9. Choose "MDM Sample Schedule".
10. Verify that options "Device Information Sample", "Application List Sample", "Certificate List Sample", "Profile List Sample", 'Provisioning Profile List Sample", "Restriction List Sample", "Security Information Sample", "Managed App List Sample", "MDM Agent Sample", and "Non-Compliant Device Sample" are set to six hours or less.

If on the AirWatch console the above noted settings are not configured to six hours or less, this is a finding.

Vulnerability Number

V-71629

Documentable

False

Rule Version

VMAW-09-100010

Severity Override Guidance

Review the AirWatch MDM Agent documentation and configuration settings to determine if the periodicity of reachable events is set to six hours or less.

On the AirWatch console complete the following procedure:

1. Log into the AirWatch MDM Administration console.
2. Choose "Groups and Settings".
3. Choose "All Settings".
4. Choose "Devices and Users".
5. Choose "Android".
6. Choose "Agent Settings".
7. Verify that options "Heartbeat Interval", "Data Sample Interval", "Data Transmit Interval", "Profile Refresh Interval", and "Application List Interval" are set to six hours or less.
8. Choose "Apple".
9. Choose "MDM Sample Schedule".
10. Verify that options "Device Information Sample", "Application List Sample", "Certificate List Sample", "Profile List Sample", 'Provisioning Profile List Sample", "Restriction List Sample", "Security Information Sample", "Managed App List Sample", "MDM Agent Sample", and "Non-Compliant Device Sample" are set to six hours or less.

If on the AirWatch console the above noted settings are not configured to six hours or less, this is a finding.

Check Content Reference

M

Target Key

3103

Comments