Skip to content
Log In

IBM WebSphere Traditional V9.x Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The WebSphere Application Server users in a local user registry group must be authorized for that group.

    Application servers provide remote access capability and must be able to enforce remote access policy requirements or work in conjunction with enterprise tools designed to enforce policy requiremen...
    Rule Medium Severity
    Show

  • SRG-APP-000014-AS-000009

    Group
    Show

  • The WebSphere Application Server Single Sign On (SSO) must have SSL enabled for Web and SIP Security.

    Remote management access is accomplished by leveraging common communication protocols and establishing a remote connection to the application server via a network for the purposes of managing the a...
    Rule High Severity
    Show

  • SRG-APP-000015-AS-000010

    Group
    Show

  • The WebSphere Application Server security cookies must be set to HTTPOnly.

    Web applications use cookies to track users across requests. These cookies, while typically not sensitive in themselves, connect you to your existing state on the back end system. If an intruder we...
    Rule Medium Severity
    Show

  • SRG-APP-000033-AS-000024

    Group
    Show

  • The WebSphere Application Server Java 2 security must be enabled.

    Java 2 security provides a policy-based fine grained access control mechanism that increases overall system integrity by checking for permissions before allowing access to certain protected system ...
    Rule High Severity
    Show

  • SRG-APP-000033-AS-000024

    Group
    Show

  • The WebSphere Application Server Java 2 security must not be bypassed.

    WebSphere provides a passive filter mechanism that will allow administrators to set Java 2 security in the admin console as enabled while still allowing applications to access host resources. This ...
    Rule High Severity
    Show

  • SRG-APP-000033-AS-000024

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules