STIGQter: STIG Summary: IBM DataPower Network Device Management Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Oct 2017:

The DataPower Gateway must use mechanisms meeting the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module.

DISA Rule

SV-79595r1_rule

Vulnerability Number

V-65105

Group Title

SRG-APP-000179-NDM-000265

Rule Version

WSDP-NM-000067

Severity

CAT II

CCI(s)

• CCI-000803 - The information system implements mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.

Weight

10

Fix Recommendation

Administration >> Access >> RBM Settings >> Password Policy. Change Password hash algorithm to sha256crypt.

Administration >> Miscellaneous >> Crypto Tools. Set Cryptographic Mode to FIPS 140-2 Level 1 and click Set Cryptographic Mode button.

Control Panel >> System Control >> Shutdown. Set Mode to Reload Firmware >> Click "Shutdown" button.

Check Contents

Default domain >> Status >> Cryptographic Mode Status: If Target=Permissive AND Current=Permissive AND Pending Target=Permissive, this is a finding.

Vulnerability Number

V-65105

Documentable

False

Rule Version

WSDP-NM-000067

Severity Override Guidance

Default domain >> Status >> Cryptographic Mode Status: If Target=Permissive AND Current=Permissive AND Pending Target=Permissive, this is a finding.

Check Content Reference

M

Target Key

2861

Comments