The ISEC7 EMM Suite must accept Personal Identity Verification (PIV) credentials.

An XCCDF Rule

Description

<VulnDiscussion>The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-224769r505933_rule
Severity: Low
References: CCI-001953
Updated: about 1 year ago

Log in to the ISEC7 EMM Console.

Navigate to Administration >> Configuration >> Settings.
Check the CAC login box.
On the ISEC7 EMM Suite server, browse to the install directory.
Default is %Install Drive%/Program Files/ISEC7 EMM Suite.Select the conf folder.
Open config.properties and add the following lines:

    cacUserUIDRegex=^CN=[^0-9]*\\.([0-9]+),
    cacUserUIDProperty=UserPrincipalName

Browse to %Install Drive%/Program Files >> ISEC7 EMM Suite >> Tomcat >> conf
Open the server.xml file and add clientAuth="required" under the Connection.

The ISEC7 EMM Suite must accept Personal Identity Verification (PIV) credentials.

Description

Remediation - Manual Procedure