JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
JBoss must be configured to generate log records that show starting and ending times for access to the application server management interface.
Determining when a user has accessed the management interface is important to determine the timeline of events when a security incident occurs. Generating these events, especially if the managemen...Rule Medium Severity -
JBoss servers must be configured to roll over and transfer logs on a minimum weekly basis.
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Protecting log data is important during a forensic investigation to ensure investigators can tr...Rule Medium Severity -
JBoss management interfaces must be secured.
JBoss utilizes the concept of security realms to secure the management interfaces used for JBoss server administration. If the security realm attribute is omitted or removed from the management in...Rule High Severity -
SRG-APP-000089-AS-000050
Group -
Remote access to JMX subsystem must be disabled.
The JMX subsystem allows you to trigger JDK and application management operations remotely. In a managed domain configuration, the JMX subsystem is removed by default. For a standalone configurati...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules