Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
BlackBerry 10 OS must prevent a user from using a browser that does not direct its Wi-Fi traffic to a DoD proxy server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-38313 | BB10-00-000330 | SV-50113r2_rule | Medium |
| Description |
|---|
| Proxy servers can inspect traffic for malware and other signs of a security attack. Allowing a mobile device to access the public Internet without proxy server inspection forgoes the protection that the proxy server would otherwise provide. Malware downloaded onto the device could have a wide variety of malicious consequences, including loss of sensitive DoD information. Forcing traffic to flow through a proxy server greatly mitigates the risk of access to public Internet resources. |
| STIG | Date |
|---|---|
| BlackBerry 10 OS Security Technical Implementation Guide | 2014-08-27 |
Details
| Check Text ( C-45860r3_chk ) |
|---|
| From either the Work Space or Personal Space, navigate to "Settings -> Network Connections -> Wi-Fi -> Saved Networks". For each saved network, ensure "Use HTTP Proxy" is set to "On" and grayed out with appropriate proxy information filled out (such as: "Proxy Server", "Proxy Port", "Username", "Password"). If "Use HTTP Proxy" is set to "Off", this is a finding. NOTE: Proxy server information can be configured on the Wi-Fi profile. When configured, all traffic, including browser traffic, will flow through the configured proxy server. |
| Fix Text (F-43251r2_fix) |
|---|
| On BlackBerry Device Service, open the affected Wi-Fi Profile for edit, and set "Associated Proxy Profile" to the preconfigured Proxy Profile for DoD use. |