IBM Aspera Platform 4.2 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-NET-000132-ALG-000087
<GroupDescription></GroupDescription>Group -
The IBM Aspera High-Speed Transfer Server must set the default docroot to an empty folder.
<VulnDiscussion>By restricting the default document root for the Aspera HSTS, this allows for explicit access to be defined on a per user bas...Rule Medium Severity -
SRG-NET-000512-ALG-000062
<GroupDescription></GroupDescription>Group -
The IBM Aspera High-Speed Transfer Server private/secret cryptographic keys file must be group-owned by root to prevent unauthorized read access.
<VulnDiscussion>Private key data is used to prove that the entity presenting a public key certificate is the certificate's rightful owner. Co...Rule Medium Severity -
SRG-NET-000512-ALG-000062
<GroupDescription></GroupDescription>Group -
The IBM Aspera High-Speed Transfer Server private/secret cryptographic keys file must have a mode of 0600 or less permissive to prevent unauthorized read access.
<VulnDiscussion>Private key data is used to prove that the entity presenting a public key certificate is the certificate's rightful owner. Co...Rule Medium Severity -
SRG-NET-000344-ALG-000098
<GroupDescription></GroupDescription>Group -
The IBM Aspera High-Speed Transfer Server must prohibit the use of cached authenticators after an organization-defined time period.
<VulnDiscussion>If the cached authenticator information is out of date, the validity of the authentication information may be questionable. ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.