Skip to content

Sentry must be configured to limit the network access of the Sentry System Manager Portal behind the corporate firewall and whitelist source IP range.

An XCCDF Rule

Description

<VulnDiscussion>Device management includes the ability to control the number of administrators and management sessions that manage a device. Limiting the number of allowed administrators and sessions per administrator based on account type, role, or access type is helpful in limiting risks related to DoS attacks. This requirement addresses concurrent sessions for administrative accounts and does not address concurrent sessions by a single administrator via multiple administrative accounts. The maximum number of concurrent sessions should be defined based upon mission needs and the operational environment for each system. At a minimum, limits must be set for SSH, HTTPS, account of last resort, and root account sessions.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-250983r1028210_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Configure a secondary interface for System Manager Portal Access of Sentry.

1. Log in to the Sentry System Manager.
2. Go to Settings >> Network >> Interfaces.
3. Click an open Physical Interface such as GigabitEthernet2.
4. Configure a Management Interface for internal access of the System Manager Portal (refer to the "MobileIron Standalone Sentry 9.8.0 Installation Guide" Physical Interfaces section for more information).