STIGQter: STIG Summary: IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 26 Apr 2019:

The firewall protecting the MaaS360 server platform must be configured to restrict all network traffic to and from all addresses with the exception of ports, protocols, and IP address ranges required to support MaaS360 server and platform functions.

DISA Rule

SV-96903r1_rule

Vulnerability Number

V-82189

Group Title

PP-MDM-331005

Rule Version

M360-10-200200

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Configure the firewall on the MaaS360 server to only permit ports, protocols, and IP address ranges necessary for operation.

Check Contents

Ask the MaaS360 administrator for a list of ports, protocols, and IP address ranges necessary to support MaaS360 server and platform functionality. A list can usually be found in the STIG Supplemental document or MDM product documentation.

Compare the list against the configuration of the firewall and identify discrepancies.

If the host-based firewall is not configured to support only those ports, protocols, and IP address ranges necessary for operation, this is a finding.

Vulnerability Number

V-82189

Documentable

False

Rule Version

M360-10-200200

Severity Override Guidance

Ask the MaaS360 administrator for a list of ports, protocols, and IP address ranges necessary to support MaaS360 server and platform functionality. A list can usually be found in the STIG Supplemental document or MDM product documentation.

Compare the list against the configuration of the firewall and identify discrepancies.

If the host-based firewall is not configured to support only those ports, protocols, and IP address ranges necessary for operation, this is a finding.

Check Content Reference

M

Target Key

3403

Comments