STIGQter: STIG Summary: CA API Gateway ALG Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 28 Apr 2017:

The CA API Gateway that provides intermediary services for TLS must be configured to comply with the required TLS settings in NIST SP 800-52.

DISA Rule

SV-85939r1_rule

Vulnerability Number

V-71315

Group Title

SRG-NET-000062-ALG-000150

Rule Version

CAGW-GW-000190

Severity

CAT II

CCI(s)

CCI-000068 - The information system implements cryptographic mechanisms to protect the confidentiality of remote access sessions.

Weight

Fix Recommendation

Open the CA API Gateway - Policy Manager.

Select "Manage Cluster-Wide Properties" from the "Tasks" menu.

Click "Add" and select "security.fips.enabled" from the "Key:" drop-down list.

Set the value to "true" and click "OK".

Check Contents

Open the CA API Gateway - Policy Manager.

Select "Manage Cluster-Wide Properties" from the "Tasks" menu.

If the "security.fips.enabled" property is not listed or is set to false, this is a finding.

Vulnerability Number

V-71315

Documentable

False

Rule Version

CAGW-GW-000190

Severity Override Guidance

Open the CA API Gateway - Policy Manager.

Select "Manage Cluster-Wide Properties" from the "Tasks" menu.

If the "security.fips.enabled" property is not listed or is set to false, this is a finding.

Check Content Reference

Target Key

3049

The CA API Gateway that provides intermediary services for TLS must be configured to comply with the required TLS settings in NIST SP 800-52.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments