IBM Hardware Management Console (HMC) Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
SRG-OS-000080-GPOS-00048
Group
Access to the Hardware Management Console (HMC) must be restricted by assigning users proper roles and responsibilities.
Access to the HMC, if not properly controlled and restricted by assigning users proper roles and responsibilities, could allow modification to areas outside the need-to-know and abilities of the ind...
Rule Medium Severity
SRG-OS-000324-GPOS-00125
Group
Automatic Call Answering to the Hardware Management Console must be disabled.
Automatic Call Answering to the Hardware Management Console allows unrestricted access by unauthorized personnel and could lead to a bypass of security, access to the system, and an altering of the...
Rule Medium Severity
SRG-OS-000062-GPOS-00031
Group
The Hardware Management Console Event log must be active.
The Hardware Management Console controls the operation and availability of the Central Processor Complex (CPC). Failure to create and maintain the Hardware Management Console Event log could result...
Rule Medium Severity
SRG-OS-000480-GPOS-00227
Group
SRG-OS-000080-GPOS-00048
Group
SRG-OS-000104-GPOS-00051
Group
Individual user accounts with passwords must be maintained for the Hardware Management Console operating system and application.
Without identification and authentication, unauthorized users could reconfigure the Hardware Management Console or disrupt its operation by logging in to the system or application and execute unau...
Rule Medium Severity
SRG-OS-000077-GPOS-00045
Group
The PASSWORD History Count value must be set to 10 or greater.
History Count specifies the number of previous passwords saved for each USERID and compares it with an intended new password. If there is a match with one of the previous passwords, or with the cur...
Rule Medium Severity
SRG-OS-000076-GPOS-00044
Group
The PASSWORD expiration day(s) value must be set to equal or less than 60 days.
Expiration Day(s) specifies the maximum number of days that each user's password is valid. When a user logs on to the Hardware Management Console it compares the system password interval value spec...
Rule Medium Severity
SRG-OS-000021-GPOS-00005
Group
A private web server must subscribe to certificates, issued from any DOD-authorized Certificate Authority (CA), as an access control mechanism for web users.
If the Hardware Management Console (HMC) is network-connected, use SSL encryption techniques, through digital certificates, to provide message privacy, message integrity and mutual authentication b...
Rule Medium Severity
SRG-OS-000329-GPOS-00128
Group
SRG-OS-000069-GPOS-00037
Group
The password values must be set to meet the requirements in accordance with DODI 8500.2 for DoD information systems processing sensitive information and above, and CJCSI 6510.01E (INFORMATION ASSURANCE [IA] AND COMPUTER NETWORK DEFENSE [CND]).
In accordance with DODI 8500.2 for DOD information systems processing sensitive information and above and CJCSI 6510.01E (INFORMATION ASSURANCE [IA] AND COMPUTER NETWORK DEFENSE [CND]). The followi...
Rule Medium Severity
SRG-OS-000029-GPOS-00010
Group