STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Jan 2016:

The DataPower Gateway providing content filtering must be configured to integrate with a system-wide intrusion detection system.

DISA Rule

SV-79773r1_rule

Vulnerability Number

V-65283

Group Title

SRG-NET-000383-ALG-000135

Rule Version

WSDP-AG-000107

Severity

CAT III

CCI(s)

• CCI-002656 - The organization configures individual intrusion detection tools into an information system-wide intrusion detection system.

Weight

10

Fix Recommendation

In the DataPower web interface, navigate to Administration >> Access >> SNMP Settings.

Configure the "Trap Event Subscriptions" tab to include desired event codes. Set the Notification Targets tab to include an approved SNMP server that generates alerts that will be forwarded to the system-wide intrusion detection system.

Check Contents

In the DataPower web interface, navigate to Administration >> Access >> SNMP Settings.

Verify that Trap Event Subscriptions are associated with intrusion detection. Verify that Trap and Notification Targets includes an approved SNMP server that generates alerts that will be forwarded to the system-wide intrusion detection system.

If no trap event subscriptions are configured on no SNMP server configured as a target, this is a finding.

Vulnerability Number

V-65283

Documentable

False

Rule Version

WSDP-AG-000107

Severity Override Guidance

In the DataPower web interface, navigate to Administration >> Access >> SNMP Settings.

Verify that Trap Event Subscriptions are associated with intrusion detection. Verify that Trap and Notification Targets includes an approved SNMP server that generates alerts that will be forwarded to the system-wide intrusion detection system.

If no trap event subscriptions are configured on no SNMP server configured as a target, this is a finding.

Check Content Reference

M

Target Key

2859

Comments