STIGQter: STIG Summary: BlackBerry Enterprise Mobility Server 2.x Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020:

If the BlackBerry Docs service is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to use NTLM authentication.

DISA Rule

SV-93749r1_rule

Vulnerability Number

V-79043

Group Title

SRG-APP-000516-AS-000237

Rule Version

BEMS-00-014500

Severity

CAT II

CCI(s)

CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

Fix Recommendation

Configure NTLM authentication for the BlackBerry Docs service as follows:

1. In the BEMS Dashboard, under "Good Services Configuration", click "Docs".
2. Click "Web Proxy".
3. Select the "Use Web Proxy".
4. In the Proxy Server Authentication Type drop-down list, select "NTLM authentication".
5. Click "Save".

Check Contents

This requirement is not applicable if the BlackBerry Docs service is not enabled on BEMS.

Verify NTLM authentication is enabled for the BlackBerry Docs service as follows:

1. In the BEMS Dashboard, under "Good Services Configuration", click "Docs".
2. Click "Web Proxy".
3. Select "Use Web Proxy".
4. In the Proxy Server Authentication Type drop-down list, verify "NTLM authentication" is selected.

If NTLM authentication is not enabled for the BlackBerry Docs service, this is a finding.

Vulnerability Number

V-79043

Documentable

False

Rule Version

BEMS-00-014500

Severity Override Guidance

Check Content Reference

Target Key

3259

If the BlackBerry Docs service is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to use NTLM authentication.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments