IBM DataPower ALG Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The DataPower Gateway providing user authentication intermediary services must conform to FICAM-issued profiles.
Without conforming to Federal Identity, Credential, and Access Management (FICAM)-issued profiles, the information system may not be interoperable with FICAM-authentication protocols, such as SAML ...Rule Medium Severity -
The DataPower Gateway providing content filtering must protect against known and unknown types of Denial of Service (DoS) attacks by employing rate-based attack prevention behavior analysis (traffic thresholds).
If the network does not provide safeguards against DoS attacks, network resources will be unavailable to users. Installation of content filtering gateways and application layer firewalls at key bo...Rule High Severity -
The DataPower Gateway providing content filtering must protect against known types of Denial of Service (DoS) attacks by employing signatures.
If the network does not provide safeguards against DoS attacks, network resources will be unavailable to users. Installation of content filtering gateways and application layer firewalls at key b...Rule Medium Severity -
The DataPower Gateway must only allow incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.
Unrestricted traffic may contain malicious traffic which poses a threat to an enclave or to other connected networks. Additionally, unrestricted traffic may transit a network, which uses bandwidth ...Rule Medium Severity -
The DataPower Gateway providing content filtering must continuously monitor inbound communications traffic crossing internal security boundaries for unusual or unauthorized activities or conditions.
If inbound communications traffic is not continuously monitored, hostile activity may not be detected and prevented. Output from application and traffic monitoring serves as input to continuous mon...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.