The DataPower Gateway must employ automated mechanisms to centrally manage authentication settings.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-65177 | WSDP-NM-000134 | SV-79667r1_rule | CCI-000366 | medium |
| Description | ||||
| The use of authentication servers or other centralized management servers for providing centralized authentication services is required for network device management. Maintaining local administrator accounts for daily usage on each network device without centralized management is not scalable or feasible. Without centralized management, it is likely that credentials for some network devices will be forgotten, leading to delays in administration, which itself leads to delays in remediating production problems and in addressing compromises in a timely fashion. | ||||
| STIG | Date | |||
| IBM DataPower Network Device Management Security Technical Implementation Guide | 2017-10-05 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-6
1.00
- DISA · V1R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
- DISA · V1R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
- DISA · V1R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
- DISA · V1R2 · disa_xccdf · related
Details
Check Text (C-79667r1_chk)
Go to Administration >> Access >> RBM Settings. Verify Authentication Method is LDAP. If it is not, this is a finding.
Fix Text (F-71117r1_fix)
Go to Administration >> Access >> RBM Settings.
Set Authentication Method to LDAP.
Configure LDAP connection as needed.