Title

The IBM z/VM CA VM:Secure product must be installed and operating. (Cat II impact)

Discussion

Remote access services, such as those providing remote access to network devices and information systems, which lack automated monitoring capabilities, increase risk and make remote user access management difficult at best. Remote access is access to DoD nonpublic information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Remote access methods include, for example, dial-up, broadband, and wireless.

Check Content

Verify that CA VM:Secure is operational on the system by entering the following command: From the “CMS” command line enter “VMSECURE VERSION”. If there is no response “VMSECURE” is not logged on, this is a finding.

Fix Text

CA VM:Secure product audits all commands. Ensure that CA VM:Secure product is installed and operational.

Additional Identifiers

Rule ID:

Vulnerability ID: IBMZ-VM-000100

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.