IBM WebSphere Traditional V9.x Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The WebSphere Application Server personal certificates in all keystores must be issued by an approved DoD CA.
<VulnDiscussion>Untrusted Certificate Authorities (CA) can issue certificates, but they may be issued by organizations or individuals that se...Rule Medium Severity -
SRG-APP-000225-AS-000153
<GroupDescription></GroupDescription>Group -
The WebSphere Application Server must be configured to perform complete application deployments when using A/B clusters.
<VulnDiscussion>Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure...Rule Low Severity -
SRG-APP-000225-AS-000154
<GroupDescription></GroupDescription>Group -
The WebSphere Application servers with an RMF categorization of high must be in a high-availability (HA) cluster.
<VulnDiscussion>This requirement is dependent upon system MAC and confidentiality. If the system MAC and confidentiality levels do not specif...Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules