The firewall protecting the Omnissa WS1 UEM server platform must be configured so only DoW-approved ports, protocols, and services are enabled. (Refer to the DoW Ports, Protocols, Services Management [PPSM] Category Assurance Levels [CAL] list for DoW-approved ports, protocols, and services).

Overview

Finding IDVersionRule IDIA ControlsSeverity
V-284282OMW1-00-003700SV-284282r1224025_ruleCCI-000382medium
Description
All ports, protocols, and services used on DoW networks must be approved and registered via the DoW PPSM process. This is to ensure a risk assessment has been completed before a new port, protocol, or service is configured on a DoW network and has been approved by proper DoW authorities. Otherwise, the new port, protocol, or service could cause a vulnerability to the DoW network, which could be exploited by an adversary. Satisfies: FMT_SMF.1.1(2) Refinement b Reference: PP-MDM-431006
STIGDate
Omnissa WS1 UEM Server Security Technical Implementation Guide2026-06-15

Details

Check Text (C-284282r1224025_chk)

Review the MDM server platform configuration to determine whether a DoW-approved firewall is installed or if the platform operating system provides a firewall service that can restrict both inbound and outbound traffic by Transmission Control Protocol (TCP)/User Datagram Protocol (UDP) port and Internet Protocol (IP) address. If there is not a host-based firewall present on the MDM server platform, or if it is not configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, this is a finding.

Fix Text (F-88751r1224024_fix)

Install and configure a DoW-approved firewall to protect the network segment on which the Workspace ONE UEM server is installed.