The CA API Gateway must activate a system alert message, send an alarm, and/or automatically shut down when a component failure is detected.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-71537 | CAGW-DM-000190 | SV-86161r1_rule | Medium |
| Description |
|---|
| Predictable failure prevention requires organizational planning to address device failure issues. If components key to maintaining the device's security fail to function, the device could continue operating in an insecure state. If appropriate actions are not taken when a network device failure occurs, a denial of service condition may occur which could result in mission failure since the network would be operating without a critical security monitoring and prevention function. Upon detecting a failure of network device security components, the network device must activate a system alert message, send an alarm, or shut down. |
| STIG | Date |
|---|---|
| CA API Gateway NDM Security Technical Implementation Guide | 2016-09-20 |
Details
| Check Text ( C-71909r1_chk ) |
|---|
| Verify "/usr/local/bin/failtest" script exists and is executable. Verify crontab runs "/usr/local/bin/failtest" every minute by checking cron's logfile "/var/log/cron". If "/usr/local/bin/failtest" does not exist or it is not executable, this is a finding. |
| Fix Text (F-77857r1_fix) |
|---|
| Install and configure (setup SNMP trap dest/authentication) alerter script in /usr/local/bin/failtest. Configure cron to run "/usr/local/bin/failtest" every minute as indicated by /etc/crontab entry |