Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
CA API Gateway ALG Security Technical Implementation Guide
SRG-NET-000362-ALG-000120
The CA API Gateway must implement load balancing to limit the effects of known and unknown types of Denial of Service (DoS) attacks.
The CA API Gateway must implement load balancing to limit the effects of known and unknown types of Denial of Service (DoS) attacks.
An XCCDF Rule
Details
Profiles
Prose
The CA API Gateway must implement load balancing to limit the effects of known and unknown types of Denial of Service (DoS) attacks.
Medium Severity
<VulnDiscussion>If the network does not provide safeguards against DoS attacks, network resources will be unavailable to users. Load balancing provides service redundancy, which reduces the susceptibility of the ALG to many DoS attacks. The ALG must be configured to prevent or mitigate the impact on network availability and traffic flow of DoS attacks that have occurred or are ongoing. This requirement applies to the network traffic functionality of the device as it pertains to handling network traffic. Some types of attacks may be specialized to certain network technologies, functions, or services. For each technology, known and potential DoS attacks must be identified and solutions for each type implemented. The CA API Gateway is designed to run as a cluster behind any industry standard load balancer. When routing to back-end services, the Gateway itself can also provide load balancing across back ends as described in the Check and Fix content if needed to support additional protection against DoS attacks.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>