The Good Mobility Suite server must block access to specific web sites via centrally managed policy.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-53149	GOOD-00-000230	SV-67365r1_rule		Medium

Description
Security-related parameters are those parameters impacting the security state of the system and include parameters related to the implementation of other IA controls. If these controls are not implemented, the system may be vulnerable to a variety of attacks. The use of a Good Mobility Suite allows an organization to assign values to security-related parameters across all the devices it manages. This provides assurance that the required mobile OS security controls are being enforced and that the device user or an adversary has not modified or disabled the controls. It also greatly increases efficiency and manageability of devices in a large-scale environment relative to an environment in which each device must be configured separately.

Description

Security-related parameters are those parameters impacting the security state of the system and include parameters related to the implementation of other IA controls. If these controls are not implemented, the system may be vulnerable to a variety of attacks. The use of a Good Mobility Suite allows an organization to assign values to security-related parameters across all the devices it manages. This provides assurance that the required mobile OS security controls are being enforced and that the device user or an adversary has not modified or disabled the controls. It also greatly increases efficiency and manageability of devices in a large-scale environment relative to an environment in which each device must be configured separately.

STIG	Date
Good for Enterprise 8.x Security Technical Implementation Guide	2014-08-18

Details

Check Text ( C-54639r1_chk )
Review the Good Mobility Suite server policy configuration to determine whether access to specific web sites has been blocked. If there are multiple policies, they must all be reviewed. Otherwise, this is a finding.

Fix Text (F-57959r2_fix)
Configure the centrally managed Good Mobility Suite server policy rule to block access to specific web sites. -Launch the Good Mobile Control Web console and click on the Settings tab -On the left tab, select Good Mobile Access (Secure Browser) -Populate the Approved DoD Proxy settings applicable to your Network -Click on Policies Tab -Select the policy set for the smart phone and click on Good Mobile Access (Secure Browser) -Check Enable access to the Intranet, click on Edit and add routeall.gmm.good, click ok and click Save. At this point the Secure Browser will utilize your DoD proxy settings.

Fix Text (F-57959r2_fix)

Configure the centrally managed Good Mobility Suite server policy rule to block access to specific web sites.

-Launch the Good Mobile Control Web console and click on the Settings tab
-On the left tab, select Good Mobile Access (Secure Browser)
-Populate the Approved DoD Proxy settings applicable to your Network
-Click on Policies Tab
-Select the policy set for the smart phone and click on Good Mobile Access (Secure Browser)
-Check Enable access to the Intranet, click on Edit and add routeall.gmm.good, click ok and click Save.

At this point the Secure Browser will utilize your DoD proxy settings.