Connection to the Internet for IBM remote support must be in compliance with the Remote Access STIGs.
An XCCDF Rule
Description
<VulnDiscussion>Failure to securely connect to remote sites can leave systems open to multiple attacks and security violations through the network. Failure to securely implement remote support connections can lead to unauthorized access or denial of service attacks on the Hardware Management Console.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><Responsibility>Network Security Officer</Responsibility><IAControls>EBRP-1, EBRU-1</IAControls>
- ID
- SV-31580r2_rule
- Severity
- High
- References
- Updated
Remediation - Manual Procedure
The Network Security Officer or System Programmer should make any changes required for IBM RSF to meet the requirements stipulated in the Remote Access STIGs. Also any documentation or letters of Attestation should be placed on file with the IAM/IAO. The letter of attestation must be signed by an authorized representative of IBM. The letter should contain certification that the security measures identified in the Remote Access STIGs are in compliance.