Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Device Transport Key must be configured on the BES for AES encryption.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-11877 | WIR1330-01 | SV-12377r10_rule | ECSC-1 | Low |
| Description |
|---|
| AES encryption provides a higher level of security for BlackBerry data. |
| STIG | Date |
|---|---|
| BlackBerry Enterprise Server, Part 2 Security Technical Implementation Guide | 2011-09-30 |
Details
| Check Text ( C-26018r3_chk ) |
|---|
| Work with the BlackBerry SA to view the BES configuration setting. In the Supported Encryption Algorithms section, verify that "AES" or "Triple DES and AES" is selected. For BES 5.0 -BAS > Server and components menu > BlackBerry solution topology > BlackBerry Server. -Click on a server instance . -Check Encryption Algorithm setting. Verify the setting is correct. For BES 4.1.x In BlackBerry Manager, click on a BES to review. - Select the Server Configuration tab. - Click on Edit Properties. - Click on General in Properties list. - Check Encryption Algorithm setting. Verify the setting is correct. Note: The following BlackBerry devices have BlackBerry Handheld Software versions earlier than 4.0, which uses 3DES encryption instead of AES: 5820, 5810, 5790, 957, 950, 857, and 850. These older BlackBerry devices should not be used in the DoD since they cannot support some required BlackBerry security features. |
| Fix Text (F-23377r2_fix) |
|---|
| The Device Transport Key will be configured on the BES for AES encryption. |