IBM Aspera Platform 4.2 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-NET-000132-ALG-000087
<GroupDescription></GroupDescription>Group -
The IBM Aspera High-Speed Transfer Server must not use the root account for transfers.
<VulnDiscussion>By incorporating a least privilege approach to the configuration of the Aspera HSTS platform, this will reduce the exposure o...Rule Medium Severity -
SRG-NET-000132-ALG-000087
<GroupDescription></GroupDescription>Group -
The IBM Aspera High-Speed Transfer Server must restrict Aspera transfer users to a limited part of the server's file system.
<VulnDiscussion>By restricting the transfer users to a limited part of the server's file system, this prevents unauthorized data transfers. B...Rule Medium Severity -
SRG-NET-000138-ALG-000063
<GroupDescription></GroupDescription>Group -
The IBM Aspera High-Speed Transfer Server must restrict the transfer user(s) to the "aspshell".
<VulnDiscussion>By default, all system users can establish a FASP connection and are only restricted by file permissions. Restrict the user's...Rule Medium Severity -
SRG-NET-000015-ALG-000016
<GroupDescription></GroupDescription>Group -
The IBM Aspera High-Speed Transfer Server must restrict users from using transfer services by default.
<VulnDiscussion>Successful authentication must not automatically give an entity access to an asset or security boundary. The lack of authoriz...Rule Medium Severity -
SRG-NET-000015-ALG-000016
<GroupDescription></GroupDescription>Group -
The IBM Aspera High-Speed Transfer Server must restrict users read, write, and browse permissions by default.
<VulnDiscussion>Successful authentication must not automatically give an entity access to an asset or security boundary. The lack of authoriz...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.