STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Ivanti MobileIron Sentry 9.x ALG Security Technical Implementation Guide

V-251033

CAT III (Low)

The Sentry must implement load balancing to limit the effects of known and unknown types of Denial-of-Service (DoS) attacks.

Rule ID

SV-251033r802321_rule

STIG

Ivanti MobileIron Sentry 9.x ALG Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-002385

Discussion

If the network does not provide safeguards against DoS attacks, network resources will be unavailable to users. Load balancing provides service redundancy; which service redundancy reduces the susceptibility of the ALG to many DoS attacks. The ALG must be configured to prevent or mitigate the impact on network availability and traffic flow of DoS attacks that have occurred or are ongoing. This requirement applies to the network traffic functionality of the device as it pertains to handling network traffic. Some types of attacks may be specialized to certain network technologies, functions, or services. For each technology, known and potential DoS attacks must be identified and solutions for each type implemented.

Check Content

Verify the Sentry is implemented behind a load balancer to limit the effects of known and unknown types of DoS attacks.

If the device is not implemented behind a load balancer to limit the effects of known and unknown types of DoS attacks, this is a finding.

Fix Text

Configure the Sentry to be implemented behind a load balancer to limit the effects of known and unknown types of DoS attacks.