STIGViewer Trial workspace — loading your subscription…

The DataPower Gateway must use automated mechanisms to alert security personnel to threats identified by authoritative sources (e.g., CTOs) and in accordance with CJCSM 6510.01B.

Overview

Finding IDVersionRule IDIA ControlsSeverity
V-65173WSDP-NM-000131SV-79663r1_ruleCCI-000366medium
Description
By immediately displaying an alarm message, potential security violations can be identified more quickly even when administrators are not logged into the network device. An example of a mechanism to facilitate this would be through the utilization of SNMP traps.
STIGDate
IBM DataPower Network Device Management Security Technical Implementation Guide2017-10-05

Related Frameworks

4 paths across 3 frameworks
NIST 800-531 mapping
CM-6
1.00
  • DISA · V1R2 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
  • DISA · V1R2 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
  • DISA · V1R2 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
  • DISA · V1R2 · disa_xccdf · related

Details

Check Text (C-79663r1_chk)

Go to Administration >> Access >> SNMP Settings. Verify the IP address, port, and security settings. Go to the Trap and Notification Targets tab. Verify the remote server/receiver information. If these values have not been set, this is a finding.

Fix Text (F-71113r1_fix)

Go to Administration >> Access >> SNMP Settings. Configure the IP address, port, and security settings. Go to the Trap and Notification Targets tab. Enter the remote server/receiver information.