STIGQter: STIG Summary: CA API Gateway ALG Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 28 Apr 2017: STIGQter: STIG Summary: CA API Gateway ALG Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 28 Apr 2017:SV-86017r1_rule
V-71393
SRG-NET-000313-ALG-000010
CAGW-GW-000520
CAT II
10
Open the CA API GW - Policy Manager.
Select the Registered Services that do not have controls for Access Methods that are responsible for remote access communications traffic, such as FTP, HTTP, HTTPS, etc.
Using the Message Routing Policy Assertions, customize the security policies for the Services to include the various types of communications protocols, such as FTP, HTTP, HTTPS, etc. Include only the required organizational remote access protocols.
Additionally, select Tasks >> Manage Listen Ports and create the required listen ports for the remote access methods needed. If policies are required to be attached to the port, as is the case with an FTP Listen port, assign the policy to the listen port in accordance with organizational requirements for managing and monitoring the remote access protocol and communication traffic.
All other communications protocols and methods will be rejected.
Open the CA API GW - Policy Manager.
Verify the Services requiring remote access controls are registered on the Gateway.
Check each Service's policy and verify the required communications protocols' Assertions have been added as per organizational requirements.
Additionally, select Tasks >> Manage Listen Ports and verify listen ports have been created for each type of Remote Access, such as HTTP, HTTPS, FTP, etc.
If the required communication protocols have not been set in the policies or the listen ports have not been configured, this is a finding.
V-71393
False
CAGW-GW-000520
Open the CA API GW - Policy Manager.
Verify the Services requiring remote access controls are registered on the Gateway.
Check each Service's policy and verify the required communications protocols' Assertions have been added as per organizational requirements.
Additionally, select Tasks >> Manage Listen Ports and verify listen ports have been created for each type of Remote Access, such as HTTP, HTTPS, FTP, etc.
If the required communication protocols have not been set in the policies or the listen ports have not been configured, this is a finding.
M
3049