The firewall protecting the Omnissa WS1 UEM server platform must be configured so only DoW-approved ports, protocols, and services are enabled. (Refer to the DoW Ports, Protocols, Services Management [PPSM] Category Assurance Levels [CAL] list for DoW-approved ports, protocols, and services).
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-284282 | SRG-APP-000142-UEM-000080 | OMW1-00-003700 | SV-284282r1224025_rule | 2026-06-15 | 1 |
Description
All ports, protocols, and services used on DoW networks must be approved and registered via the DoW PPSM process. This is to ensure a risk assessment has been completed before a new port, protocol, or service is configured on a DoW network and has been approved by proper DoW authorities. Otherwise, the new port, protocol, or service could cause a vulnerability to the DoW network, which could be exploited by an adversary.
Satisfies: FMT_SMF.1.1(2) Refinement b
Reference: PP-MDM-431006
ℹ️ Check
Review the MDM server platform configuration to determine whether a DoW-approved firewall is installed or if the platform operating system provides a firewall service that can restrict both inbound and outbound traffic by Transmission Control Protocol (TCP)/User Datagram Protocol (UDP) port and Internet Protocol (IP) address.
If there is not a host-based firewall present on the MDM server platform, or if it is not configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, this is a finding.
✔️ Fix
Install and configure a DoW-approved firewall to protect the network segment on which the Workspace ONE UEM server is installed.