STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Jan 2016:

The DataPower Gateway must be configured to support centralized management and configuration.

DISA Rule

SV-79747r1_rule

Vulnerability Number

V-65257

Group Title

SRG-NET-000333-ALG-000049

Rule Version

WSDP-AG-000089

Severity

CAT II

CCI(s)

CCI-001844 - The information system provides centralized management and configuration of the content to be captured in audit records generated by organization-defined information system components.

Weight

Fix Recommendation

In default domain >> Search Bar “SNMP Settings” >> Enterprise MIBs tab >> Download and store all DataPower MIBs >> Trap and Notification Targets tab >> Add >> Remote Hosts Address host address >> Remote Port port >> Versions snmp version >> Apply >> Apply >> Save Configuration.

If the only log target is “default-log”: Type “Log Target” in the Search field >> Log target >> Main tab>>Target Type “syslog” >> syslog Facility facility >> Local Identifier identifier >> Remote Host hostname.

Check Contents

In default domain >> Search Bar “SNMP Settings”.

If SNMP object is disabled, this is a finding.

Vulnerability Number

V-65257

Documentable

False

Rule Version

WSDP-AG-000089

Severity Override Guidance

In default domain >> Search Bar “SNMP Settings”.

If SNMP object is disabled, this is a finding.

Check Content Reference

Target Key

2859

The DataPower Gateway must be configured to support centralized management and configuration.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments