From IBM Hardware Management Console (HMC) STIG
Part of HMC0170
Associated with IA controls: IATS-1, IATS-2
Associated with: CCI-001749
If the Hardware Management Consoles (HMC) is network-connected, use SSL encryption techniques, through digital certificates to provide message privacy, message integrity and mutual authentication between clients and servers. To maintain data integrity the IBM Certificate distributed with the HMC's is to be replaced by a DoD-authorized Certificate. Note: This check applies only to network-connected HMCs.
The System Reviewer will have the System Administrator use the Hardware Management Console Certificate Management Task to validate that the private key and certificate shipped with any network-connected HMC from IBM was replaced with an approved DoD- authorized Certificate. Note: This check applies only to network-connected HMCs. Note: DoD certificates should display the following Information 'OU=PKI.OU=DoD.O=U.S. Government.C=US' If private web server does not subscribe to certificates issued from any DoD-authorized Certificate Authority as an access control mechanism for web users, then this is a FINDING.
The System Administrator must order a DoD PKI to replace the IBM Certificate and then the System Administrator must use the Hardware Management Console Certificate Management Task to install it. Note: This only applies to networked HMCs.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer