STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 25 Jan 2016

The DataPower Gateway providing user access control intermediary services must be configured with a pre-established trust relationship and mechanisms with appropriate authorities (e.g., Active Directory or AAA server) which validate user account access authorizations and privileges.

DISA Rule

SV-79707r1_rule

Vulnerability Number

V-65217

Group Title

SRG-NET-000138-ALG-000088

Rule Version

WSDP-AG-000038

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Using the appliance's WebGUI, navigate to DataPower Gateway's Configure AAA Policy (authentication, authorization, audit) at Objects >> XML Processing >> AAA Policy.

On the Resource extraction tab, specify the correct resource information categories.

If there is a requirement for resource mapping, on the Resource mapping tab, specify the appropriate method and associated information.

On the Authorization tab, specify the correct methods, associated information and caching parameters.

Check Contents

Using the appliance's WebGUI, navigate to DataPower Gateway's Configure AAA Policy (authentication, authorization, audit) at Objects >> XML Processing >> AAA Policy.

On the Resource extraction tab, confirm that the correct resource information categories are checked.

If these items are not configured, this is a finding.

Documentable

False

Severity Override Guidance

Using the appliance's WebGUI, navigate to DataPower Gateway's Configure AAA Policy (authentication, authorization, audit) at Objects >> XML Processing >> AAA Policy.

On the Resource extraction tab, confirm that the correct resource information categories are checked.

If these items are not configured, this is a finding.

Check Content Reference

M

Target Key

2859
