Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
BlackBerry 10 OS must prevent a user from using a browser that does not direct its VPN traffic to a DoD proxy server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-38314 | BB10-00-000340 | SV-50114r2_rule | Medium |
| Description |
|---|
| Proxy servers can inspect traffic for malware and other signs of a security attack. Allowing a mobile device to access the public Internet without proxy server inspection forgoes the protection that the proxy server would otherwise provide. Malware downloaded onto the device could have a wide variety of malicious consequences, including loss of sensitive DoD information. Forcing traffic to flow through a proxy server greatly mitigates the risk of access to public Internet resources. |
| STIG | Date |
|---|---|
| BlackBerry 10 OS Security Technical Implementation Guide | 2014-08-27 |
Details
| Check Text ( C-45861r3_chk ) |
|---|
| From either the Work Space or Personal Space, navigate to "Settings -> Network Connections -> VPN -> Edit". For each VPN profile, expand the configuration to "Advanced" and ensure the "Use Proxy" checkbox is checked and grayed out, with appropriate proxy information filled out (such as: "Proxy Server", "Proxy Port", "Username", "Password"). If the "Use Proxy" checkbox is unchecked, this is a finding. NOTE: Proxy server information can be configured on the VPN profile. When configured, all traffic, including browser traffic, will flow through the configured proxy server. |
| Fix Text (F-43252r2_fix) |
|---|
| On BlackBerry Device Service, open the affected VPN Profile for edit, and set "Associated Proxy Profile" to the preconfigured Proxy Profile for DoD use. |