I - Mission Critical Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
The BlackBerry Enterprise Mobility Server (BEMS) must be configured to use DoD certificates for SSL.
<VulnDiscussion>Untrusted Certificate Authorities (CA) can issue certificates, but they may be issued by organizations or individuals that se...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
The BlackBerry Enterprise Mobility Server (BEMS) must be configured with an inactivity timeout of 15 minutes or less.
<VulnDiscussion>A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinit...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
If the Mail service (Push Notifications support for BlackBerry Work) is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to use Windows Authentication for the database connection.
<VulnDiscussion>To assure accountability and prevent unauthorized access, organizational users must be identified and authenticated. Organiza...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
If the Mail service (Push Notifications support for BlackBerry Work) is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to use Windows Integrated Authentication for the Exchange connection.
<VulnDiscussion>To assure accountability and prevent unauthorized access, organizational users must be identified and authenticated. Organiza...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
If the Mail service (Push Notifications support for BlackBerry Work) is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to Enable SSL LDAP when using LDAP Lookup for users.
<VulnDiscussion>Preventing the disclosure of transmitted information requires that applications take measures to employ some form of cryptogr...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
If the Mail service (Push Notifications support for BlackBerry Work) is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to Enable SSL LDAP for certificate directory lookup.
<VulnDiscussion>Preventing the disclosure of transmitted information requires that applications take measures to employ some form of cryptogr...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
If the BlackBerry Connect service is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to use Windows Authentication for the database connection.
<VulnDiscussion>To assure accountability and prevent unauthorized access, organizational users must be identified and authenticated. Organiza...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
If the BlackBerry Connect service is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to enable SSL support for BlackBerry Proxy and use only DoD approved certificates.
<VulnDiscussion>Preventing the disclosure of transmitted information requires that applications take measures to employ some form of cryptogr...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
If the BlackBerry Docs service is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to use Windows Authentication for the database connection.
<VulnDiscussion>To assure accountability and prevent unauthorized access, organizational users must be identified and authenticated. Organiza...Rule Medium Severity -
SRG-APP-000516-AS-000237
<GroupDescription></GroupDescription>Group -
If the BlackBerry Docs service is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to use NTLM authentication.
<VulnDiscussion>To assure accountability and prevent unauthorized access, organizational users must be identified and authenticated. Organiza...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.