STIGQter: STIG Summary: IBM DataPower Network Device Management Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Oct 2017:

The DataPower Gateway must employ automated mechanisms to centrally manage authentication settings.

DISA Rule

SV-79667r1_rule

Vulnerability Number

V-65177

Group Title

SRG-APP-000516-NDM-000336

Rule Version

WSDP-NM-000134

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-000370 - The organization employs automated mechanisms to centrally manage configuration settings for organization-defined information system components.

Weight

10

Fix Recommendation

Go to Administration >> Access >> RBM Settings.
Set Authentication Method to LDAP.

Configure LDAP connection as needed.

Check Contents

Go to Administration >> Access >> RBM Settings. Verify Authentication Method is LDAP. If it is not, this is a finding.

Vulnerability Number

V-65177

Documentable

False

Rule Version

WSDP-NM-000134

Severity Override Guidance

Go to Administration >> Access >> RBM Settings. Verify Authentication Method is LDAP. If it is not, this is a finding.

Check Content Reference

M

Target Key

2861

Comments