The firewall protecting the BlackBerry Enterprise Mobility Server (BEMS) must be configured so that only DOD-approved ports, protocols, and services are enabled.

Description

<VulnDiscussion>All ports, protocols, and services used on DOD networks must be approved and registered via the DOD PPSM process. This is to ensure that a risk assessment has been completed before a new port, protocol, or service is configured on a DOD network and has been approved by proper DOD authorities. Otherwise, the new port, protocol, or service could cause a vulnerability to the DOD network, which could be exploited by an adversary. See the DOD Ports, Protocols, Services Management (PPSM) Category Assurance Levels (CAL) list for DOD-approved ports, protocols, and services.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>