STIGQter: STIG Summary: IBM DataPower Network Device Management Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Oct 2017:

The DataPower Gateway must audit the enforcement actions used to restrict access associated with changes to the device.

DISA Rule

SV-79651r1_rule

Vulnerability Number

V-65161

Group Title

SRG-APP-000381-NDM-000305

Rule Version

WSDP-NM-000107

Severity

CAT II

CCI(s)

• CCI-001814 - The Information system supports auditing of the enforcement actions.

Weight

10

Fix Recommendation

Configure the DataPower Gateway to log all enforcement action audit events to an external log target.

Using the web interface, go to Objects >> Logging Configuration >> Log Target. Add an audit log target. View the Event Subscriptions tab to set audit log subscription Event Priority level.

Check Contents

Confirm that the Audit log administrative state is "up". Using the web interface, go to Object >> Logging Configuration >> Audit Log Settings. Confirm that the Audit Level is set to Full. If it is not, this is a finding.

Vulnerability Number

V-65161

Documentable

False

Rule Version

WSDP-NM-000107

Severity Override Guidance

Confirm that the Audit log administrative state is "up". Using the web interface, go to Object >> Logging Configuration >> Audit Log Settings. Confirm that the Audit Level is set to Full. If it is not, this is a finding.

Check Content Reference

M

Target Key

2861

Comments