Connection to the Internet for IBM remote support must be in compliance with mitigations specified in the Ports and Protocols and Services Management (PPSM) requirements.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| high | V-256891 | SRG-OS-000480-GPOS-00227 | HMC0225 | SV-256891r991589_rule | 2024-06-24 | 2 |
| Description |
|---|
| Failure to securely connect to remote sites can leave systems open to multiple attacks and security violations through the network. Failure to securely implement remote support connections can lead to unauthorized access or denial of service attacks on theHardware Management Console. |
| ℹ️ Check |
|---|
| Have the Network Security Engineer check, that the remote Internet connection for IBM RSF support has met the mitigations outlined in Vulnerability Analysis for port 443/SSL in the PPSM requirements. |
| ✔️ Fix |
|---|
| Have the Network Security Officer validate that the Internet connection meets the specifications in the PPSM requirements. |