UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

SSMC web server must generate information to be used by external applications or entities to monitor and control remote access.


Overview

Finding ID Version Rule ID IA Controls Severity
V-255255 SSMC-WS-010060 SV-255255r879521_rule Medium
Description
Remote access to the web server is any access that communicates through an external, non-organization-controlled network. Remote access can be used to access hosted applications or to perform management functions. By providing remote access information to an external monitoring system, the organization can monitor for cyber attacks and monitor compliance with remote access policies. The organization can also look at data organization wide and determine an attack or anomaly is occurring on the organization which might not be noticed if the data were kept local to the web server. Examples of external applications used to monitor or control access would be audit log monitoring systems, dynamic firewalls, or infrastructure monitoring systems.
STIG Date
HPE 3PAR SSMC Web Server Security Technical Implementation Guide 2023-05-17

Details

Check Text ( C-58868r869932_chk )
Verify that SSMC monitors remote access by doing the following:

1. Log on to SSH as ssmcadmin. Press "X" to escape to general bash shell.

2. Execute the following command to enable HTTP access logs:

$ sudo /ssmc/bin/config_security.sh -o http_access_log -a status

HTTP access logging is enabled.

If the command output does not read "HTTP access logging is enabled", this is a finding.
Fix Text (F-58812r869933_fix)
Configure SSMC to be monitored for remote access by doing the following:

1. Log on to SSH as ssmcadmin. Press "X" to escape to general bash shell.

2. Execute the following command to enable HTTP access logs:

$ sudo /ssmc/bin/config_security.sh -o http_access_log -a enable -f