UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The DataPower Gateway must prohibit the use of cached authenticators after an organization-defined time period.


Overview

Finding ID Version Rule ID IA Controls Severity
V-65167 WSDP-NM-000115 SV-79657r1_rule Medium
Description
Some authentication implementations can be configured to use cached authenticators. If cached authentication information is out-of-date, the validity of the authentication information may be questionable. The organization-defined time period should be established for each device depending on the nature of the device; for example, a device with just a few administrators in a facility with spotty network connectivity may merit a longer caching time period than a device with many administrators.
STIG Date
IBM DataPower Network Device Management Security Technical Implementation Guide 2016-01-21

Details

Check Text ( C-65795r1_chk )
Go to Administration >> Access >> RBM Settings. Click on the Authentication tab. Verify cache mode is set to absolute and set timeout value is set. If it is not, this is a finding.
Fix Text (F-71107r1_fix)
Go to Administration >> Access >> RBM Settings. Click on the Authentication tab. Set cache mode to absolute and set timeout value as needed.