STIGQter: STIG Summary: MobileIron Core v10.x MDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 15 Feb 2019:

The MobileIron Core v10 server must be configured to implement FIPS 140-2 mode for all server encryption (if not automatically configured during server install).

DISA Rule

SV-101921r1_rule

Vulnerability Number

V-91819

Group Title

PP-MDM-314001

Rule Version

MICR-10-000640

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the MDM server to use a FIPS 140-2-validated cryptographic module.

On the MDM console, do the following:
1. SSH to MobileIron Core Server from any SSH client.
2. Enter the administrator credentials you set when you installed MobileIron Core.
3. Enter "enable".
4. When prompted, enter the "enable secret" you set when you installed MobileIron Core.
5. Enter "configure terminal".
6. Enter the following command to enable FIPS: fips
7. Enter the following command to proceed with the necessary reload: do reload

Check Contents

On the MDM console, do the following:
1. SSH to MobileIron Core Server from any SSH client.
2. Enter the administrator credentials you set when you installed MobileIron Core.
3. Enter "show fips".
4. Verify "FIPS 140 mode is enabled" is displayed.

If the MobileIron Server Core does not report that fips mode is "enabled", this is a finding.

Vulnerability Number

V-91819

Documentable

False

Rule Version

MICR-10-000640

Severity Override Guidance

On the MDM console, do the following:
1. SSH to MobileIron Core Server from any SSH client.
2. Enter the administrator credentials you set when you installed MobileIron Core.
3. Enter "show fips".
4. Verify "FIPS 140 mode is enabled" is displayed.

If the MobileIron Server Core does not report that fips mode is "enabled", this is a finding.

Check Content Reference

M

Target Key

3433

Comments