STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Jan 2016:

The DataPower Gateway must only allow incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.

DISA Rule

SV-79769r1_rule

Vulnerability Number

V-65279

Group Title

SRG-NET-000364-ALG-000122

Rule Version

WSDP-AG-000103

Severity

CAT II

CCI(s)

CCI-002403 - The information system only allows incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.

Weight

Fix Recommendation

Type “Access Control List” in nav search. Create ACL with desired address ranges and gates. Apply this ACL to all Front Side Handlers or Firewalls.

Check Contents

Type “Access Control List” in nav search. Verify that Access Control Lists are used for all services. If Access Control lists are not used, this is a finding.

Vulnerability Number

V-65279

Documentable

False

Rule Version

WSDP-AG-000103

Severity Override Guidance

Type “Access Control List” in nav search. Verify that Access Control Lists are used for all services. If Access Control lists are not used, this is a finding.

Check Content Reference

Target Key

2859

The DataPower Gateway must only allow incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments