STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Jan 2016:

The DataPower Gateway must protect the authenticity of communications sessions.

DISA Rule

SV-79723r1_rule

Vulnerability Number

V-65233

Group Title

SRG-NET-000230-ALG-000113

Rule Version

WSDP-AG-000049

Severity

CAT II

CCI(s)

• CCI-001184 - The information system protects the authenticity of communications sessions.

Weight

10

Fix Recommendation

Using the WebGUI at Objects >> Crypto Configuration >> SSL Client Profile and SSL Server Profile.

Create a client and server profile for the application session requiring mutual authentication. Specify the correct protocol and cipher parameters and the correct identification and validation credentials.

Check Contents

Using the WebGUI at Objects >> Crypto Configuration >> SSL Client Profile and SSL Server Profile.

Select the profiles that are configured for the application session requiring mutual authentication. Confirm that the correct protocol and cipher parameters are set and that the correct identification and validation credentials are specified.

If these items are not configured, this is a finding.

Vulnerability Number

V-65233

Documentable

False

Rule Version

WSDP-AG-000049

Severity Override Guidance

Using the WebGUI at Objects >> Crypto Configuration >> SSL Client Profile and SSL Server Profile.

Select the profiles that are configured for the application session requiring mutual authentication. Confirm that the correct protocol and cipher parameters are set and that the correct identification and validation credentials are specified.

If these items are not configured, this is a finding.

Check Content Reference

M

Target Key

2859

Comments