Check: WIR1330-01
BlackBerry Enterprise Server, Part 2:
WIR1330-01
(in versions v2 r10 through v2 r8)
Title
The Device Transport Key must be configured on the BES for AES encryption. (Cat III impact)
Discussion
AES encryption provides a higher level of security for BlackBerry data.
Check Content
Work with the BlackBerry SA to view the BES configuration setting. In the Supported Encryption Algorithms section, verify that "AES" or "Triple DES and AES" is selected. -BAS >> Server and components menu >> BlackBerry solution topology >> BlackBerry Server. -Click on a server instance. -Check Encryption Algorithm setting. Verify the setting is correct. Note: The following BlackBerry devices have BlackBerry Handheld Software versions earlier than 4.0, which uses 3DES encryption instead of AES: 5820, 5810, 5790, 957, 950, 857, and 850. These older BlackBerry devices should not be used in the DoD since they cannot support some required BlackBerry security features.
Fix Text
The Device Transport Key will be configured on the BES for AES encryption.
Additional Identifiers
Rule ID: SV-12377r3_rule
Vulnerability ID: V-11877
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |