Skip to content
Catalogs
XCCDF
IBM MQ Appliance V9.0 AS Security Technical Implementation Guide
SRG-APP-000356-AS-000202
The MQ Appliance messaging server must provide centralized management and configuration of the content to be captured in log records generated by all application components.
The MQ Appliance messaging server must provide centralized management and configuration of the content to be captured in log records generated by all application components. An XCCDF Rule
The MQ Appliance messaging server must provide centralized management and configuration of the content to be captured in log records generated by all application components.
Medium Severity
<VulnDiscussion>A clustered messaging server is made up of several servers working together to provide the user a failover and increased computing capability. To facilitate uniform logging in the event of an incident and later forensic investigation, the record format and logable events need to be uniform. This can be managed best from a centralized server.
Without the ability to centrally manage the content captured in the log records, identification, troubleshooting, and correlation of suspicious behavior would be difficult and could lead to a delayed or incomplete analysis of an ongoing attack.
The MQ appliance is designed to be used in a redundant HQ configuration which will provide a means of centralized management of log activity.
Rudimentary instructions for determining if HA is set up are included here. To ensure proper configuration, system HA design steps must be taken and implemented. Reference vendor documentation for complete instructions on setting up HA: https://ibm.biz/BdicC7
Note: The queue manager’s data (queues, queue messages etc.) are replicated from the appliance in the primary HA role (first appliance) to the appliance in the secondary HA role (second appliance).
Ref.: Configuring high availability queue managers https://goo.gl/xAqNTX</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>