The UEM server must be configured to invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection:-IPsec,-SSH,-TLS, -HTTPS].

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-234391	SRG-APP-000191-UEM-000118	SV-234391r617355_rule		Medium

Description
Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Nonlocal maintenance and diagnostic activities are activities conducted by individuals communicating through either an external network (e.g., the internet) or an internal network. Satisfies:FTP_TRP.1.1(1) Refinement

STIG	Date
Unified Endpoint Management Server Security Requirements Guide	2020-12-14

Details

Check Text ( C-37576r614183_chk )
Verify the UEM server invokes either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection: -IPsec, -SSH, -TLS, -HTTPS]. If the UEM server does not invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection: -IPsec, -SSH, -TLS, -HTTPS], this is a finding.

Check Text ( C-37576r614183_chk )

Verify the UEM server invokes either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection:
-IPsec,
-SSH,
-TLS,
-HTTPS].

If the UEM server does not invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection:
-IPsec,
-SSH,
-TLS,
-HTTPS], this is a finding.

Fix Text (F-37541r615961_fix)
Configure the UEM server to invoke either host-OS functionality or server functionality to provide a trusted communication channel between itself and remote administrators that provides assured identification of its endpoints and protection of the communicated data from modification and disclosure using [selection: -IPsec, -SSH, -TLS, -HTTPS].