National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CA API Gateway STIG Version 1, Release 1 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
COMPUTER ASSOCIATES (CA) APPLICATION PROGRAMMING INTERFACE (API) GATEWAY cpe:/a:ca:api_gateway (View CVEs)

Checklist Highlights

Checklist Name:
CA API Gateway STIG
Checklist ID:
709
Version:
Version 1, Release 1
Type:
Compliance
Review Status:
Final
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
04/28/2017

Checklist Summary:

The Computer Associates (CA) Application Programming Interface (API) Gateway Security Technical Implementation Guides (STIGs) provide technical security policies, requirements, and implementation details for applying security concepts to a gateway combining policy management and central policy enforcement. This Network Device Management (NDM) STIG contains the requirements necessary to secure the management plane of the CA API Gateway servers and is based on the NDM Security Requirements Guide (SRG). The CA API Gateway enables an enterprise solution for backend data and applications integrating with existing Identity Access Management (IAM) solutions. The Gateway includes a built-in Public Key Infrastructure (PKI) engine, FIPS 140-2 level encryption, and Security Assertion Markup Language (SAML) support. The Gateway form factors within scope of this STIG are the network device and virtual appliance running on the Red Hat Enterprise Linux (RHEL) operating system.

Checklist Role:

  • Business Productivity Application

Known Issues:

Not provided.

Target Audience:

Not provided.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DoD Instruction (DoDI) 8500.01

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Not provided.

Product Support:

Not provided.

Point of Contact:

disa.stig_spt@mail.mil

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

updated to FINAL - 12/07/2016
Updated CA API Gateway ALG to Version 1, Release 2 - 04/28/2017
Updated to FINAL - 05/30/2017
null
Updated URL to reflect change to the DISA website - http --> https
Updated URLs - 6/5/19

Dependency/Requirements:

URL Description
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CA_API_Gateway_V1R1_Overview.zip CA API Gateway STIG Ver 1 Overview

References:

Reference URL Description
https://dl.dod.cyber.mil/wp-content/uploads/stigs/pdf/U_CA_API_Gateway_STIG_V1_Memo_signed.pdf CA API Gateway STIG, Ver 1 Release Memo

NIST checklist record last modified on 06/05/2019