From IBM DataPower ALG Security Technical Implementation Guide
Part of SRG-NET-000391-ALG-000140
Associated with: CCI-002662
If outbound communications traffic is not continuously monitored, hostile activity may not be detected and prevented. Output from application and traffic monitoring serves as input to continuous monitoring and incident response programs.
Verify a service, such as a MultiProtocol Gateway, by clicking the icon on the Control Panel. Click the name of the service in the list >> Set the Name and back end destination for the service. Under MultiProtocol Gateway Policy, click “...” to inspect the Policy >> Verify one Rule Direction is set to Client to Server. Double-click the existing Match Action on the rule line and verify it is set default-accept-service providers. Double-click the Validate action >> Verify that it is set to a schema file. Upload the necessary schema definition file to the action >> Click Done. Double-click the AAA action to open it >> Click “...” to inspect the AAA Policy >> Follow the wizard steps to review the desired policy. When done, click cancel. Verify one Rule Direction is set to Server to Client. Double-click the existing Match Action on the rule line and verify it is set default-accept-service providers. Double-click the Validate action >> Verify that it is set to a schema file. Double-click the AAA action to open it >> Click “...” to inspect the AAA Policy >> Follow the wizard steps to review the desired policy. When done, click cancel. Click Cancel or Close Window to close the Policy. If these items have not been configured, this is a finding.
Create a new service, such as a MultiProtocol Gateway, by clicking the icon on the Control Panel. Click Add to create a new service >> Set the Name and back end destination for the service. Under MultiProtocol Gateway Policy, click “+” to create a new Policy >> Provide a name for the Policy >> Click New Rule >> Set the Rule Direction to Client to Server >> Double-click the existing Match Action on the rule line and select default-accept-service providers >> Drag the Validate action down onto the processing line >> Double-click the action. Upload the necessary schema definition file to the action >> Click Done. Drag the AAA action onto the processing line after the Validate action >> Double-click the action to open it >> Click “+” to create a new AAA Policy >> Follow the wizard steps to create the desired policy. When done, close the action >> Click Apply to complete the Policy. Click New Rule >> Set the direction to Server to Client >> Double-click the existing Match Action on the rule line and select default-accept-service providers >> Drag the Validate action down onto the processing line >> Double-click the action. Upload the necessary schema definition file to the action >> Click Done. Drag the AAA action onto the processing line after the Validate action >> Double-click the action to open it. Click “+” to create a new AAA Policy >> Follow the wizard steps to create the desired policy. When done, close the action >> Click Apply to complete the Policy. Complete the Gateway configuration by clicking Apply.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer