STIGQter STIGQter: STIG Summary: IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The MQ Appliance network device must activate a system alert message, send an alarm, and/or automatically shut down when a component failure is detected.

DISA Rule

SV-89657r1_rule

Vulnerability Number

V-74983

Group Title

SRG-APP-000268-NDM-000274

Rule Version

MQMH-ND-000830

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Log on to the MQ Appliance CLI as a privileged user.

Enter:
co
failure-notification
admin-state enabled
upload-report <on or off>
location-id <String to identify the issuing device>
use-smtp on
protocol smtp
email-address <destination notification email address>
remote-address <remote SMTP server address>
internal-state on
ffdc packet-capture on
ffdc event-log on
ffdc memory-trace on
always-on-startup on
always-on-shutdown on
report-history <Max. # of local error rpts to maintain>
exit
write mem
y

Check Contents

Log on to the MQ Appliance CLI as a privileged user.

Enter:
failure-notification
show failure-notification

Examine the configured parameters to verify the current configuration, including the notification address.

If the MQ Appliance is not configured to send an alert when a component failure is detected, this is a finding.

Vulnerability Number

V-74983

Documentable

False

Rule Version

MQMH-ND-000830

Severity Override Guidance

Log on to the MQ Appliance CLI as a privileged user.

Enter:
failure-notification
show failure-notification

Examine the configured parameters to verify the current configuration, including the notification address.

If the MQ Appliance is not configured to send an alert when a component failure is detected, this is a finding.

Check Content Reference

M

Target Key

3243

Comments