Check: WSDP-NM-000131
IBM DataPower Network Device Management STIG:
WSDP-NM-000131
(in versions v1 r2 through v1 r1)
Title
The DataPower Gateway must use automated mechanisms to alert security personnel to threats identified by authoritative sources (e.g., CTOs) and in accordance with CJCSM 6510.01B. (Cat II impact)
Discussion
By immediately displaying an alarm message, potential security violations can be identified more quickly even when administrators are not logged into the network device. An example of a mechanism to facilitate this would be through the utilization of SNMP traps.
Check Content
Go to Administration >> Access >> SNMP Settings. Verify the IP address, port, and security settings. Go to the Trap and Notification Targets tab. Verify the remote server/receiver information. If these values have not been set, this is a finding.
Fix Text
Go to Administration >> Access >> SNMP Settings. Configure the IP address, port, and security settings. Go to the Trap and Notification Targets tab. Enter the remote server/receiver information.
Additional Identifiers
Rule ID: SV-79663r1_rule
Vulnerability ID: V-65173
Group Title: SRG-APP-000516-NDM-000333
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
| CCI-001274 |
The organization employs automated mechanisms to alert security personnel of organization-defined inappropriate or unusual activities with security implications. |