STIGQter: STIG Summary: IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

Access to the MQ Appliance network device must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type.

DISA Rule

SV-89597r1_rule

Vulnerability Number

V-74923

Group Title

SRG-APP-000001-NDM-000200

Rule Version

MQMH-ND-000010

Severity

CAT II

CCI(s)

• CCI-000054 - The information system limits the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number of sessions.

Weight

10

Fix Recommendation

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Set Authentication Method to LDAP and configure LDAP connection as required.

Note: Implementation of concurrent session limitation must be enforced by the LDAP server's control of user logons.

Check Contents

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Verify the Authentication Method is set to LDAP.

Review LDAP server configuration settings and verify the LDAP configuration limits the number of concurrent sessions.

If MQ is not set to LDAP authentication or if LDAP is not configured to meet the requirement, this is a finding.

Vulnerability Number

V-74923

Documentable

False

Rule Version

MQMH-ND-000010

Severity Override Guidance

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Verify the Authentication Method is set to LDAP.

Review LDAP server configuration settings and verify the LDAP configuration limits the number of concurrent sessions.

If MQ is not set to LDAP authentication or if LDAP is not configured to meet the requirement, this is a finding.

Check Content Reference

M

Target Key

3243

Comments