Sun Ray Server is not properly registered in VMS or database.

From Sun Ray 4 STIG

Part of Sun Ray server is not registered in VMS/database

Associated with IA controls: VIVM-1

SV-17388r1_rule Sun Ray Server is not properly registered in VMS or database.

Vulnerability discussion

The Vulnerability Management System (VMS) was developed to interface with the DOD Enterprise tools to assist all DOD CC/S/As in the identification of security vulnerabilities and track the issues through the lifecycle of the vulnerabilities existence. To ensure both the emerging and known vulnerabilities are addressed on a system, VMS tracks the existence of all potential vulnerabilities based on the posture of an asset. As a result, all vulnerabilities are tracked through their lifecycle.Vulnerability Management is the process of ensuring that all network assets that are affected by an IAVM notice are addressed and corrected within a time period specified in the IAVM notice. VMS will notify commands, services, and agencies of new and potential security vulnerabilities. VMS meets the DoD mandate to ensure information system vulnerability alert notifications are received and acted on by all SAs. Keeping the inventory of assets current allows for tracking of virtualization servers and resources, and supports a successful IAVM process. The ability to track assets improves the effective use of virtualization assets, information assurance auditing efforts, as well as optimizing incident response times.

Check content

Access VMS or appropriate database and navigate to the site’s assets. Ensure the Sun Ray Server(s) are registered within the database or VMS. If they are not registered, this is a finding.

Fix text

Register Sun Ray Servers in VMS or database.

Pro Tips

Powered by sagemincer