Skip to content
Log In

Ivanti MobileIron Sentry 9.x NDM Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000149-NDM-000247

    Group
    Show

  • MobileIron Sentry must be configured to use DoD PKI as multi-factor authentication (MFA) for interactive logins.

    Multi-factor authentication (MFA) is when two or more factors are used to confirm the identity of an individual who is requesting access to digital information resources. Valid factors include some...
    Rule High Severity
    Show

  • SRG-APP-000166-NDM-000254

    Group
    Show

  • SRG-APP-000167-NDM-000255

    Group
    Show

  • MobileIron Sentry must enforce password complexity by requiring that at least one lower-case character be used.

    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...
    Rule Medium Severity
    Show

  • SRG-APP-000168-NDM-000256

    Group
    Show

  • SRG-APP-000169-NDM-000257

    Group
    Show

  • MobileIron Sentry must enforce password complexity by requiring that at least one special character be used.

    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...
    Rule Medium Severity
    Show

  • SRG-APP-000179-NDM-000265

    Group
    Show

  • MobileIron Sentry must use FIPS 140-2 approved algorithms for authentication to a cryptographic module.

    Unapproved mechanisms that are used for authentication to the cryptographic module are not validated and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be...
    Rule High Severity
    Show

  • SRG-APP-000190-NDM-000267

    Group
    Show

  • SRG-APP-000224-NDM-000270

    Group
    Show

  • MobileIron Sentry must generate unique session identifiers using a FIPS 140-2 approved random number generator.

    Sequentially generated session IDs can be easily guessed by an attacker. Employing the concept of randomness in the generation of unique session identifiers helps to protect against brute-force att...
    Rule Medium Severity
    Show

  • SRG-APP-000360-NDM-000295

    Group
    Show

  • MobileIron Sentry must generate an immediate real-time alert of all audit failure events requiring real-time alerts.

    It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impe...
    Rule Low Severity
    Show

  • SRG-APP-000373-NDM-000298

    Group
    Show

  • MobileIron Sentry must be configured to conduct backups of system level information contained in the information system when changes occur.

    This control requires the network device to support the organizational central backup process for system-level information associated with the network device. This function may be provided by the n...
    Rule Low Severity
    Show

  • SRG-APP-000395-NDM-000310

    Group
    Show

  • The MobileIron Sentry must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).

    Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Bidirectional authentication provides stronger safeguards to validate the...
    Rule Medium Severity
    Show

  • SRG-APP-000412-NDM-000331

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules