STIGQter: STIG Summary: IBM Hardware Management Console (HMC) STIG Version: 1 Release: 5 Benchmark Date: 20 Jan 2015:

The Enterprise System Connection (ESCON) Director (ESCD) Application Console must be located in a secure location

DISA Rule

SV-29986r3_rule

Vulnerability Number

V-24340

Group Title

HLESC010

Rule Version

HLESC010

Severity

CAT I

CCI(s)

• CCI-002101 - The organization authorizes internal connections of organization-defined information system components or classes of components to the information system.

Weight

10

Fix Recommendation

Move the (ESCD) Console Application console to a secure location and implement access control procedures to ensure access by authorized personnel only.

An ESCD Console Application is used to provide data center personnel with an interface for displaying and
changing an ESCD'S connectivity attributes. It is also used to install, initialize, and service an ESCON Director.
Note: ESCD'S are slowly being phased out and are being replaced with FICON Directors.

Check Contents

If the ESCD Application Console is present, verify the location of the ESCD Application Console, otherwise this check is not applicable.

If the ESCON Director Application console is not located in a secure location this is a finding.

Vulnerability Number

V-24340

Documentable

False

Rule Version

HLESC010

Severity Override Guidance

If the ESCD Application Console is present, verify the location of the ESCD Application Console, otherwise this check is not applicable.

If the ESCON Director Application console is not located in a secure location this is a finding.

Check Content Reference

M

Responsibility

Systems Programmer

Target Key

1891

Comments