zOS WebsphereMQ for TSS Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000033
Group -
SRG-OS-000403
Group -
WebSphere MQ channel security is not implemented in accordance with security requirements.
WebSphere MQ channel security can be configured to provide authentication, message privacy, and message integrity between queue managers. WebSphere MQ channels use SSL encryption techniques, digita...Rule Medium Severity -
SRG-OS-000480
Group -
SRG-OS-000163
Group -
User timeout parameter values for WebSphere MQ queue managers are not specified in accordance with security requirements.
Users signed on to a WebSphere MQ queue manager could leave their terminals unattended for long periods of time. This may allow unauthorized individuals to gain access to WebSphere MQ resources an...Rule Medium Severity -
SRG-OS-000104
Group -
WebSphere MQ started tasks are not defined in accordance with the proper security requirements.
Started tasks are used to execute WebSphere MQ queue manager services. Improperly defined WebSphere MQ started tasks may result in inappropriate access to application resources and the loss of acc...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ all update and alter access to MQSeries/WebSphere MQ product and system data sets are not properly restricted.
MVS data sets provide the configuration, operational, and executable properties of WebSphere MQ. Some data sets are responsible for the security implementation of WebSphere MQ. Failure to properly ...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ security class(es) must not be defined improperly.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ switch profiles must be properly defined to the appropriate ADMIN class.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule High Severity -
SRG-OS-000080
Group -
SRG-OS-000104
Group -
WebSphere MQ dead letter and alias dead letter queues are not properly defined.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity -
SRG-OS-000080
Group -
SRG-OS-000080
Group -
WebSphere MQ Process resources must be protected in accordance with security requirements.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ Namelist resources must be protected in accordance with security requirements.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ alternate user resources defined to appropriate ADMIN resource class must be protected in accordance with security requirements.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ context resources defined to the appropriate ADMIN resource class must be protected in accordance with security requirements.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ command resources defined to MQCMDS resource class are not protected in accordance with security requirements.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security c...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ RESLEVEL resources in the appropriate ADMIN resource class must be protected in accordance with security requirements.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity -
WebSphere MQ channel security must be implemented in accordance with security requirements.
WebSphere MQ Channel security can be configured to provide authentication, message privacy, and message integrity between queue managers. Secure Sockets Layer (SSL) uses encryption techniques, digi...Rule High Severity -
Production WebSphere MQ Remotes must utilize Certified Name Filters (CNF).
IBM WebSphere MQ can use a user ID associated with an ACP certificate as a channel user ID. When an entity at one end of an SSL channel receives a certificate from a remote connection, the entity a...Rule Medium Severity -
WebSphere MQ connection class resources must be protected properly.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity -
WebSphere MQ queue resource defined to the appropriate resource class must be protected in accordance with security requirements.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.