IBM Hardware Management Console (HMC) Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000104-GPOS-00051
<GroupDescription></GroupDescription>Group -
DCAF Console access must require a password to be entered by each user.
<VulnDiscussion>The DCAF Console enables an operator to access the ESCON Director Application remotely. Access to a DCAF Console by unauthori...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
Unauthorized partitions must not exist on the system complex.
<VulnDiscussion>The running of unauthorized Logical Partitions (LPARs) could allow a “Trojan horse” version of the operating environment to b...Rule Medium Severity -
SRG-OS-000080-GPOS-00048
<GroupDescription></GroupDescription>Group -
Dial-out access from the Hardware Management Console Remote Support Facility (RSF) must be restricted to an authorized vendor site.
<VulnDiscussion>Dial-out access from the Hardware Management Console could impact the integrity of the environment, by enabling the possible ...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
Dial-out access from the Hardware Management Console Remote Support Facility (RSF) must be disabled for all classified systems.
<VulnDiscussion>This feature will not be activated for any classified systems. Allowing dial-out access from the Hardware Management Console ...Rule High Severity -
SRG-OS-000324-GPOS-00125
<GroupDescription></GroupDescription>Group -
Access to the Hardware Management Console must be restricted to only authorized personnel.
<VulnDiscussion>Access to the Hardware Management Console if not properly restricted to authorized personnel could lead to a bypass of securi...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.