Skip to content
Catalogs
XCCDF
Unified Endpoint Management Server Security Requirements Guide
SRG-APP-000191
The UEM server must be configured to provide a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS].
The UEM server must be configured to provide a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS]. An XCCDF Rule
The UEM server must be configured to provide a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS].
Medium Severity
<VulnDiscussion>Examples of authorized IT entities: audit server, Active Directory, software update server, and database server.
Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.
Nonlocal maintenance and diagnostic activities are activities conducted by individuals communicating through either an external network (e.g., the internet) or an internal network.
Satisfies:FTP_ITC.1.1(1) Refinement
Reference:PP-MDM-412062</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>