SP13-00-000125 - SharePoint must implement an information system isolation boundary that minimizes the number of nonsecurity functions included within the boundary containing security functions.

Information

The information system isolates security functions from nonsecurity functions by means of an isolation boundary (implemented via partitions and domains) controlling access to and protecting the integrity of, the hardware, software, and firmware that perform those security functions. The information system maintains a separate execution domain (e.g., address space) for each executing process.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure the SharePoint server to implement an information system isolation boundary that minimizes the number of nonsecurity functions included within the boundary containing security functions.

Log on to the server that hosts the farm's Central Administration website.

Open IIS Manager.

Expand 'Sites' tree view and right-click the web application named 'SharePoint Central Administration'.

Select 'Edit Bindings ...'.

Select the site binding record and click 'Edit'.

From the 'IP Address' dropdown list, select an OOB IP address.

Click 'Ok'.

*NOTE: If the Central Administration site has multiple site bindings, steps will need to be repeated for each site binding.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_SharePoint_2013_V2R3_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-23, CAT|I, CCI|CCI-001184, Rule-ID|SV-223260r612235_rule, STIG-ID|SP13-00-000125, STIG-Legacy|SV-74411, STIG-Legacy|V-59981, Vuln-ID|V-223260

Plugin: Windows

Control ID: 3f2bae5965123aec548b8898890b6afd818b47ec516f2e22de80fdcc8321eceb