STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Jan 2016:

The DataPower Gateway providing user authentication intermediary services must conform to FICAM-issued profiles.

DISA Rule

SV-79757r1_rule

Vulnerability Number

V-65267

Group Title

SRG-NET-000349-ALG-000106

Rule Version

WSDP-AG-000097

Severity

CAT II

CCI(s)

• CCI-002014 - The information system conforms to FICAM-issued profiles.

Weight

10

Fix Recommendation

Search Bar “AAA Policy” >> Select AAA Policy >> Identity Extraction “Name from SAML Authentication assertion” >> Authentication >> Method “Accept SAML assertion with valid signature”

Check Contents

Search Bar "AAA Policy" >> Select AAA Policy >> Identity Extraction "Name from SAML Authentication assertion" >> Authentication >> Method "Accept SAML assertion with valid signature".

If no AAA Policy is present, this is a finding.

Vulnerability Number

V-65267

Documentable

False

Rule Version

WSDP-AG-000097

Severity Override Guidance

Search Bar "AAA Policy" >> Select AAA Policy >> Identity Extraction "Name from SAML Authentication assertion" >> Authentication >> Method "Accept SAML assertion with valid signature".

If no AAA Policy is present, this is a finding.

Check Content Reference

M

Target Key

2859

Comments