STIGQter: STIG Summary: CA API Gateway ALG Security Technical Implementation Guide, Version: 1, Release: 2, Benchmark Date: 28 Apr 2017

The CA API Gateway must enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies.

DISA Rule

SV-85907r1_rule

Vulnerability Number

V-71283

Group Title

SRG-NET-000015-ALG-000016

Rule Version

CAGW-GW-000100

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Open the CA API Gateway - Policy Manager.

Double-click all Registered Services and add the "Authenticate User or Group" assertion.

Select from a list of Identity providers in the drop-down list and click "Search".

Choose from the list of users and groups to grant/authorize access to the Registered Service and click "Select".

Check Contents

Open the CA API Gateway - Policy Manager.

Double-click all Registered Services and verify the "Request: Authenticate User or Group" assertion has been added and enabled within the Services in accordance with organizational requirements.

If it has not, this is a finding.

Documentable

False

Check Content Reference

M

Target Key

3049
