Boundary protection applications must fail securely in the event of an operational failure.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36345	SRG-APP-254-NA	SV-47749r1_rule		Medium

Description
Fail secure is a condition achieved by the application of a set of information system mechanisms to ensure that in the event of an operational failure of a boundary protection device at a managed interface (e.g., router, firewall, guard, application gateway residing on a protected sub network commonly referred to as a demilitarized zone), the system does not enter into an unsecure state where intended security properties no longer hold. A failure of a boundary protection device cannot lead to, or cause information external to the boundary protection device to enter the device, nor can a failure permit unauthorized information release. Rationale for non-applicability: The MDM server is not a boundary protection application.

Description

Fail secure is a condition achieved by the application of a set of information system mechanisms to ensure that in the event of an operational failure of a boundary protection device at a managed interface (e.g., router, firewall, guard, application gateway residing on a protected sub network commonly referred to as a demilitarized zone), the system does not enter into an unsecure state where intended security properties no longer hold. A failure of a boundary protection device cannot lead to, or cause information external to the boundary protection device to enter the device, nor can a failure permit unauthorized information release. Rationale for non-applicability: The MDM server is not a boundary protection application.

STIG	Date
Mobile Device Manager Security Requirements Guide	2013-01-24

Details

Check Text ( C-44584r1_chk )
This requirement is NA for the MDM server SRG.

Fix Text (F-40874r1_fix)
The requirement is NA. No fix is required.