The UEM server must be configured to provide a trusted communication channel between itself and authorized IT entities using [selection: -IPsec, -SSH, -mutually authenticated TLS, -mutually authenticated DTLS, -HTTPS].
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-234390 | SRG-APP-000191 | SRG-APP-000191-UEM-000117 | SV-234390r1035567_rule | 2025-09-10 | 2 |
Description
Examples of authorized IT entities: audit server, Active Directory, software update server, and database server.
Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.
Nonlocal maintenance and diagnostic activities are activities conducted by individuals communicating through either an external network (e.g., the internet) or an internal network.
Satisfies: FTP_ITC.1.1(1) Refinement
Reference: PP-MDM-412062
ℹ️ Check
Verify the UEM server provides a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS].
If the UEM server does not provide a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS], this is a finding.
✔️ Fix
Configure the UEM server to provide a trusted communication channel between itself and authorized IT entities using [selection:
-IPsec,
-SSH,
-mutually authenticated TLS,
-mutually authenticated DTLS,
-HTTPS].