From CA API Gateway ALG Security Technical Implementation Guide
Part of SRG-NET-000249-ALG-000145
Associated with: CCI-001243
Taking an appropriate action based on local organizational incident handling procedures minimizes the impact of malicious code on the network.
Open the CA API Gateway - Policy Manager and double-click any of the Registered Services that require the deletion of malicious code once detected. Verify the "Scan Using ICAP-Enabled Antivirus" Assertion is included in the policy. If it is not, check to see if it has been added to a Global Policy. If the Assertion is not present in either Global or Registered Services policy, this is a finding.
Open the CA API Gateway - Policy Manager and double-click any of the Registered Services that did not have the "Scan Using ICAP-Enabled Antivirus" Assertion. Add the "Scan Using ICAP-Enabled Antivirus" Assertion, configure the parameters for the Assertion in accordance with organizational requirements, and click the "Save and Activate" button. If the organization requires that all Registered Services require the ability to delete malicious code upon detection, consider adding the "Scan Using ICAP-Enabled Antivirus" Assertion to a Global Policy to meet this requirement.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer