STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Jan 2016:

The DataPower Gateway must implement load balancing to limit the effects of known and unknown types of Denial of Service (DoS) attacks.

DISA Rule

SV-79763r1_rule

Vulnerability Number

V-65273

Group Title

SRG-NET-000362-ALG-000120

Rule Version

WSDP-AG-000100

Severity

CAT II

CCI(s)

• CCI-002385 - The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.

Weight

10

Fix Recommendation

Type “Load Balancer Group” in nav search >> Add >> Algorithm select algorithm.

Type “XML Manager” in nav search >> Add >> Load Balance Groups load balance group.

Associate this XML Manager with all active services.

Check Contents

Type “Load Balancer Group” in nav search.

Check the configuration of all active services and verify that the XML Manager used by the service has an active Load Balancer Group.

If no Load Balancer group is present, this is a finding.

Vulnerability Number

V-65273

Documentable

False

Rule Version

WSDP-AG-000100

Severity Override Guidance

Type “Load Balancer Group” in nav search.

Check the configuration of all active services and verify that the XML Manager used by the service has an active Load Balancer Group.

If no Load Balancer group is present, this is a finding.

Check Content Reference

M

Target Key

2859

Comments