BlackBerry 10 OSs VPN client must use either IPsec or SSL/TLS when connecting to DoD networks.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-48597 | BB10-2X-000270 | SV-61473r1_rule | Medium |
| Description |
|---|
| Use of non-standard communications protocols can affect both the availability and confidentiality of communications. IPsec and SSL/TLS are both well-known and tested protocols that provide strong assurance with respect to both IA and interoperability. |
| STIG | Date |
|---|---|
| BlackBerry 10.2.x OS Security Technical Implementation Guide | 2014-04-10 |
Details
| Check Text ( C-50923r1_chk ) |
|---|
| From either the Work Space or Personal Space, navigate to "Settings -> Network Connections -> VPN". Select "Edit" to edit a VPN Profile. For each VPN Profile connecting to DoD networks: - Select the VPN Profile to edit. - Ensure "Gateway Type" is set to a type which supports and utilizes IPsec and SSL/TLS. Otherwise, this is a finding. NOTE: If no VPN profiles are saved, this requirement is NA. |
| Fix Text (F-52203r1_fix) |
|---|
| On BlackBerry Device Service, select the affected VPN Profile for edit, and set "Gateway Type" to a type which supports and utilizes IPsec and SSL/TLS. |