STIGQter: STIG Summary: IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

Access to the MQ Appliance network element must use two or more authentication servers for the purpose of granting administrative access.

DISA Rule

SV-89599r1_rule

Vulnerability Number

V-74925

Group Title

SRG-APP-000023-NDM-000205

Rule Version

MQMH-ND-000060

Severity

CAT II

CCI(s)

• CCI-000015 - The organization employs automated mechanisms to support the information system account management functions.

Weight

10

Fix Recommendation

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Set Authentication Method to LDAP. Configure a Load Balancer Group that includes two or more LDAP authentication servers.

Configure LDAP server connection settings as required.

Check Contents

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Review LDAP configuration. Verify the LDAP configuration includes a Load Balancer Group that includes two or more authentication servers.

If the LDAP configuration does not include a Load Balancer Group that includes two or more authentication servers, this is a finding.

Vulnerability Number

V-74925

Documentable

False

Rule Version

MQMH-ND-000060

Severity Override Guidance

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Review LDAP configuration. Verify the LDAP configuration includes a Load Balancer Group that includes two or more authentication servers.

If the LDAP configuration does not include a Load Balancer Group that includes two or more authentication servers, this is a finding.

Check Content Reference

M

Target Key

3243

Comments