The MDM server must be able to filter both inbound and outbound traffic based on IP address and UDP/TCP port.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36048 | SRG-APP-250-MDM-044-SRV | SV-47437r1_rule | High |
| Description |
|---|
| A host-based boundary protection mechanism is a host-based firewall. Host-based boundary protection mechanisms are employed on mobile devices, such as notebook/laptop computers, and other types of mobile devices where such boundary protection mechanisms are available. This helps mitigate attacks at the network interface. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44287r1_chk ) |
|---|
| Examine the server configuration to determine whether there is a DoD approved host-based firewall installed, and configured to filter both inbound and outbound traffic based on IP address and UDP/TCP port. If no firewall is installed, this is a finding. If a non-approved firewall is installed, this is a finding. |
| Fix Text (F-40578r1_fix) |
|---|
| Remove any non-approved firewalls if present. Install a DoD approved host-based firewall, and configure to filter both inbound and outbound traffic based on IP address and UDP/TCP port. |