Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19201 | WIR1315-03 | SV-21090r4_rule | ECSC-1 | Low |
Description |
---|
Only authorized servers should be able to push content to BlackBerry devices. |
STIG | Date |
---|---|
BlackBerry Enterprise Server, Part 2 Security Technical Implementation Guide | 2012-02-02 |
Check Text ( C-23137r3_chk ) |
---|
Verify the site has configured the BES to require trusted connections to push enclave application or web servers, using the following procedure. -On the BAS, go to Servers and components > BlackBerry Solution topology > BlackBerry Domain > MDS Connection Service. -Click Edit components. -Click the HTTPS tab. -Verify Allow Untrusted Servers is set to “No”. -Click the TLS tab. -Verify Allow Untrusted Servers is set to “No”. Mark as a finding if any of these settings are not correct. Verify a keystore file has been set up (webserver.keystore) at the following location on the BES: - Mark as a finding if the keystore file is not found. |
Fix Text (F-23374r1_fix) |
---|
The BES must be configured to accept only trusted connections to back-office enclave application or web push servers. |