IBM DataPower Handbook Volume V: DataPower Security Hardening: Second Edition
Description:
This is Volume V of the long-awaited second edition of the 'bible' and expert guide to deploying, using, and managing IBM DataPower Gateway Appliances. DataPower appliances can simplify deployment, strengthen security, enhance performance, and dramatically improve return on investment for many use cases, such as mobile, Web, API, legacy, cloud, and SOA/Web Services. This volume focuses on security hardening your DataPower appliances from both an administrative and messaging perspective. It is based on military specifications designed by the United States Department of Defense.

Contents

Preface

Chapter 1 DataPower Inherently Hardened Features
1.1 Role-Based Administration Auditing Preamble
1.2 Auditing Account Creation and Modification
1.3 Auditing Administrative Commands
1.4 Prohibiting Unnecessary/Unused Ports, Services, and Protocols
1.5 Encrypted Protocols for Administrative Access
1.6 Admin Authentication Replay Protection
1.7 Password Protection
1.8 Validating PKI Admin Authentication
1.9 Authentication Feedback Should Be Obscured
1.10 Terminate Non-Local Administrative Connections
1.11 Administrative Session Identifiers Should Be Deleted
1.12 Protecting Data at Rest
1.13 Error Messages and Logs Should Only Be Visible to Authorized Users
1.14 Only Privileged Users Should Execute Admin Functions
1.15 Audit Record Timestamp Granularity
1.16 Installation of Software Modules
1.17 Temporary Passwords
1.18 Denial of Service Attacks
1.19 Audit of Administrative Actions
1.20 Configuration Changes Should Be Immediate
1.21 Unnecessary Functions Should Not Be Enabled
1.22 Secure Failure
1.23 Physical Security
1.24 Secure Administrative Protocols

Chapter 2 Appliance Administrative Hardening
2.1 User Interface Idle Timeouts and Cached Admin Credentials
2.2 Encrypting Administrative Protocols
2.3 Off-load System Audit Records
2.4 Send Immediate Threat Alarms
2.5 Configure SNMP Trap Events for Account Enabling Actions
2.6 Selective, Targeted Auditing
2.7 External Admin Authenticators
2.8 Secure Backups
2.9 Crypto Keys and Certificates
2.10 Audit Account Enabling Actions
2.11 Alert Audit Record Storage Critically Low
2.12 Generate Alerts for Audit Failure Events
2.13 Configure NTP Service
2.14 Configure the Desired Timestamp Format
2.15 Generate an Alert if Appliance Configurations Are Changed
2.16 Protecting Audit Information
2.17 Password Policy
2.18 NIST SP800-131a and FIPS 140-2 Compliance
2.19 PKI Certificate Authentication for Admin Users
2.20 Configure Multifactor Authentication for Network Access to Non-Privileged Accounts
2.21 Enforcing Administrative User Privileges
2.22 Customizing Login and Logout Messages
2.23 Capturing System Event Data with Log Targets
2.24 Restricting Access to a Specific Log Target
2.25 Notifications for Logging Failure
2.26 Configuring Off-Appliance Logging
2.27 Controlling the Default Domain

Chapter 3 Message-Level Hardening
3.1 Validate Inbound Data
3.2 Use Strong Crypto for Message Traffic
3.3 Secure Logging for Transactions
3.4 Configure Individual and Group Authentication Methods
3.5 Multifactor Authentication for Network Access to Protected Resources
3.6 Configure Replay-Resistant Mutual SSL/TLS
3.7 Define Crypto Validation Credentials and Certificate Revocation Policy
3.8 Configure PKI-Based Credential Mapping for Message-level Authentication and Authorization
3.9 Configure Device Failure Notification Functions
3.10 SQL Injection Protection
3.11 Denial of Service (DoS) Attack Mediation
3.12 Virus Scanning
3.13 Viewing User Activity Log
3.14 FICAM-Issued Profile Support
3.15 Access Control Lists
3.16 Using Filter Actions to Prevent Replay Attacks
3.17 Caching User Authentication and Authorization Results
3.18 Configuring Transport Layer Security Consistent with NIST SP800-52
3.19 Securely Transmit Authentication Information
3.20 Server Name Indication (SNI) Profiles
3.21 Configure XML and JSON Threat Protection

Appendix A: DataPower Resources
Best prices to buy, sell, or rent ISBN 9780997219623
Frequently Asked Questions about IBM DataPower Handbook Volume V: DataPower Security Hardening: Second Edition
The price for the book starts from $32.94 on Amazon and is available from 2 sellers at the moment.
If you’re interested in selling back the IBM DataPower Handbook Volume V: DataPower Security Hardening: Second Edition book, you can always look up BookScouter for the best deal. BookScouter checks 30+ buyback vendors with a single search and gives you actual information on buyback pricing instantly.
As for the IBM DataPower Handbook Volume V: DataPower Security Hardening: Second Edition book, the best buyback offer comes from and is $ for the book in good condition.
The IBM DataPower Handbook Volume V: DataPower Security Hardening: Second Edition book is in very low demand now as the rank for the book is 4,780,844 at the moment. A rank of 1,000,000 means the last copy sold approximately a month ago.
The highest price to sell back the IBM DataPower Handbook Volume V: DataPower Security Hardening: Second Edition book within the last three months was on December 08 and it was $0.65.