Rule ID
SV-284282r1224025_rule
Version
V1R1
CCIs
All ports, protocols, and services used on DoW networks must be approved and registered via the DoW PPSM process. This is to ensure a risk assessment has been completed before a new port, protocol, or service is configured on a DoW network and has been approved by proper DoW authorities. Otherwise, the new port, protocol, or service could cause a vulnerability to the DoW network, which could be exploited by an adversary. Satisfies: FMT_SMF.1.1(2) Refinement b Reference: PP-MDM-431006
Review the MDM server platform configuration to determine whether a DoW-approved firewall is installed or if the platform operating system provides a firewall service that can restrict both inbound and outbound traffic by Transmission Control Protocol (TCP)/User Datagram Protocol (UDP) port and Internet Protocol (IP) address. If there is not a host-based firewall present on the MDM server platform, or if it is not configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, this is a finding.
Install and configure a DoW-approved firewall to protect the network segment on which the Workspace ONE UEM server is installed.