III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
PP-MDM-323202
<GroupDescription></GroupDescription>Group -
The MaaS360 MDM server must be configured to enable all required audit events (if function is not automatically implemented during MDM/MAS server install): a. Failure to push a new application on a managed mobile device.
<VulnDiscussion>Failure to generate these audit records makes it more difficult to identify or investigate attempted or successful compromise...Rule Low Severity -
PP-MDM-323202
<GroupDescription></GroupDescription>Group -
The MaaS360 server must be configured to enable all required audit events (if function is not automatically implemented during MDM/MAS server install): b. Failure to update an existing application on a managed mobile device.
<VulnDiscussion>Failure to generate these audit records makes it more difficult to identify or investigate attempted or successful compromise...Rule Low Severity -
PP-MDM-331004
<GroupDescription></GroupDescription>Group -
The MaaS360 server platform must be protected by a DoD-approved firewall.
<VulnDiscussion>Most information systems are capable of providing a wide variety of functions and services. Some of the functions and service...Rule Medium Severity -
PP-MDM-331005
<GroupDescription></GroupDescription>Group -
The firewall protecting the MaaS360 server platform must be configured to restrict all network traffic to and from all addresses with the exception of ports, protocols, and IP address ranges required to support MaaS360 server and platform functions.
<VulnDiscussion>Most information systems are capable of providing a wide variety of functions and services. Some of the functions and service...Rule Medium Severity -
PP-MDM-331006
<GroupDescription></GroupDescription>Group -
The firewall protecting the MaaS360 server platform must be configured so that only DoD-approved ports, protocols, and services are enabled. (See the DoD Ports, Protocols, Services Management [PPSM] Category Assurance Levels [CAL] list for DoD-approved ports, protocols, and services.)
<VulnDiscussion>All ports, protocols, and services used on DoD networks must be approved and registered via the DoD PPSM process. This is to ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.