Skip to content

IBM DataPower Network Device Management Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The DataPower Gateway must generate unique session identifiers using a FIPS 140-2 approved random number generator.

    <VulnDiscussion>Sequentially generated session IDs can be easily guessed by an attacker. Employing the concept of randomness in the generatio...
    Rule Medium Severity
  • SRG-APP-000268-NDM-000274

    <GroupDescription></GroupDescription>
    Group
  • The DataPower Gateway must activate a system alert message, send an alarm, and/or automatically shut down when a component failure is detected.

    &lt;VulnDiscussion&gt;Predictable failure prevention requires organizational planning to address device failure issues. If components key to mainta...
    Rule Medium Severity
  • SRG-APP-000291-NDM-000275

    <GroupDescription></GroupDescription>
    Group
  • The DataPower Gateway must generate alerts that can be forwarded to the administrators and ISSO when accounts are created.

    &lt;VulnDiscussion&gt;Once an attacker establishes initial access to a system, the attacker often attempts to create a persistent method of reestab...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules