The Ivanti EPMM server must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the application.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-251403 | IMIC-11-001500 | SV-251403r1004724_rule | Medium |
| Description |
| STIG | Date |
| Ivanti EPMM Server Security Technical Implementation Guide | 2024-07-30 |
Details
| Check Text (C-54838r806339_chk) |
| Review MDM server documentation and configuration settings to determine if the MDM server is using the warning banner and the wording of the banner is the required text. On the MDM console, do the following: 1. Connect to the MobileIron Core Server using SSH. 2. Type in a user name and press enter. 3. Verify the required banner is displayed before the password prompt. The required text is found in the Vulnerability Discussion. If the required banner is not presented, this is a finding. 1. Connect to the MobileIron Core Server system manager portal using a web browser. 2. Verify the required banner is displayed on the web page. The required text is found in the Vulnerability Discussion. If the required banner is not presented, this is a finding. 1. Connect to the MobileIron Core Server administrator portal using a web browser. 2. Verify the required banner is displayed on the web page. If the required banner is not presented, this is a finding. |
| Fix Text (F-54791r806340_fix) |
| Configure the MDM server to display the appropriate warning banner text. On the MDM console, do the following: 1. Log in to the MobileIron Core Server administrator portal as a user with the security configuration administrator role using a web browser. 2. Select Settings on the web page. 3. Select General on the web page. 4. Select Login on the web page. 5. Check the "Enable Login Text Box" on the web page. 6. Type the required banner text in the "Text to Display" dialog on the web page. 7. Select "Save" on the web page. |