The Ivanti MobileIron Core server must be configured with the periodicity of the following commands to the agent of six hours or less: - query connectivity status - query the current version of the managed device firmware/software - query the current version of installed mobile applications - read audit logs kept by the managed device.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-251419	IMIC-11-010900	SV-251419r806404_rule		Medium

Description
Without verification, security functions may not operate correctly and this failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. This requirement applies to applications performing security functions and the applications performing security function verification/testing. Satisfies: FAU_NET_EXT.1.1, FMT_SMF.1.1(2) c.3 Reference: PP-MDM-411057

Description

Without verification, security functions may not operate correctly and this failure may go unnoticed. Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the protection is based. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. This requirement applies to applications performing security functions and the applications performing security function verification/testing. Satisfies: FAU_NET_EXT.1.1, FMT_SMF.1.1(2) c.3 Reference: PP-MDM-411057

STIG	Date
Ivanti MobileIron Core MDM Server Security Technical Implementation Guide	2021-12-02

Details

Check Text ( C-54854r806387_chk )
Review the MDM server configuration settings and verify the server is configured with a periodicity for reachable events of six hours or less for the following commands to the agent: - query connectivity status; - query the current version of the MD firmware/software; - query the current version of the hardware model of the device; - query the current version of installed mobile applications; - read audit logs kept by the MD. Verify the sync interval for a device: 1. In the Admin Portal, go to Policies & Config >> Policies. 2. Select the default sync policy. 3. Verify that the Sync Interval is set to 360 minutes or less. If the Sync interval is not set to 360 minutes or less, this is a finding.

Check Text ( C-54854r806387_chk )

Review the MDM server configuration settings and verify the server is configured with a periodicity for reachable events of six hours or less for the following commands to the agent:
- query connectivity status;
- query the current version of the MD firmware/software;
- query the current version of the hardware model of the device;
- query the current version of installed mobile applications;
- read audit logs kept by the MD.

Verify the sync interval for a device:
1. In the Admin Portal, go to Policies & Config >> Policies.
2. Select the default sync policy.
3. Verify that the Sync Interval is set to 360 minutes or less.

If the Sync interval is not set to 360 minutes or less, this is a finding.

Fix Text (F-54807r806388_fix)
Configure the MDM server with a periodicity for reachable events of six hours or less for the following commands to the agent: - query connectivity status; - query the current version of the MD firmware/software; - query the current version of the hardware model of the device; - query the current version of installed mobile applications; -read audit logs kept by the MD. Configure the sync interval for a device: To configure the frequency for starting the synchronization process between a device in MobileIron Core: 1. In the Admin Portal, go to Policies & Config >> Policies. 2. Select the default sync policy. 3. Set Sync Interval to the number of minutes between synchronizations to be 360 minutes or less. 4. Click "Save".

Fix Text (F-54807r806388_fix)

Configure the MDM server with a periodicity for reachable events of six hours or less for the following commands to the agent:
- query connectivity status;
- query the current version of the MD firmware/software;
- query the current version of the hardware model of the device;
- query the current version of installed mobile applications;
-read audit logs kept by the MD.

Configure the sync interval for a device:
To configure the frequency for starting the synchronization process between a device in MobileIron Core:
1. In the Admin Portal, go to Policies & Config >> Policies.
2. Select the default sync policy.
3. Set Sync Interval to the number of minutes between synchronizations to be 360 minutes or less.
4. Click "Save".