Oct 2, 2024 Functional Update- WBSP-AS-000010 - The WebSphere Application Server maximum in-memory session count must be set according to application requirements.
- WBSP-AS-000020 - The WebSphere Application Server admin console session timeout must be configured.
- WBSP-AS-000070 - The WebSphere Application Server security auditing must be enabled.
- WBSP-AS-000120 - The WebSphere Application Server automatic repository checkpoints must be enabled to track configuration changes - depth
- WBSP-AS-000120 - The WebSphere Application Server automatic repository checkpoints must be enabled to track configuration changes - enabled
- WBSP-AS-000130 - The WebSphere Application Server administrative security must be enabled.
- WBSP-AS-000140 - The WebSphere Application Server bus security must be enabled.
- WBSP-AS-000160 - The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.
- WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security
- WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - application security
- WBSP-AS-000180 - The WebSphere Application Server Single Sign On (SSO) must have SSL enabled for Web and SIP Security.
- WBSP-AS-000190 - The WebSphere Application Server security cookies must be set to HTTPOnly.
- WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled.
- WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed.
- WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements - err
- WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements - out
- WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxFileSize
- WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxLogs
- WBSP-AS-000630 - The WebSphere Application Server must provide an immediate real-time alert of all log failure events - enabled
- WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - enabled
- WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - notification
- WBSP-AS-000650 - The WebSphere Application Server audit subsystem failure action must be set to Log warning.
- WBSP-AS-000660 - The WebSphere Application Server must shut down by default upon log failure (unless availability is an overriding concern).
- WBSP-AS-000810 - The WebSphere Application Server must be configured to encrypt log information.
- WBSP-AS-000820 - The WebSphere Application Server must be configured to sign log information.
- WBSP-AS-001030 - The WebSphere Application Server multifactor authentication for network access to privileged accounts must be used.
- WBSP-AS-001110 - WebSphere Application Server must authenticate all network-connected endpoint devices before establishing any connection
- WBSP-AS-001120 - WebSphere Application Server must authenticate all endpoint devices before establishing a local, remote, network connection
- WBSP-AS-001210 - The WebSphere Application Server must prohibit the use of cached authenticators after an organization-defined time period.
- WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed.
- WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes.
- WBSP-AS-001300 - The WebSphere Application Server must accept PIV credentials from other federal agencies to access management interface.
- WBSP-AS-001530 - The WebSphere Application Server must periodically regenerate LTPA keys.
- WBSP-AS-001580 - The WebSphere Application Server memory session settings must be defined according to application load requirements.
- WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - Default
- WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - ORB
- WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - SIBFAPInbound
- WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - SIBFAPThreadPool
- WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - SIBJMSRAThreadPool
- WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - TCPChannel.DCS
- WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - WMQJCAResourceAdapter
- WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - WebContainer
- WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - server.startup
- WBSP-AS-001610 - The WebSphere Application Server must remove export ciphers to protect confidentiality and integrity of transmitted info
- WBSP-AS-001630 - The WebSphere Application Server plugin must be configured to use HTTPS only - HttpQueueInboundDefault
- WBSP-AS-001630 - The WebSphere Application Server plugin must be configured to use HTTPS only - WCInboundDefault
|
Jun 17, 2024 Miscellaneous- Metadata updated.
- References updated.
|
Apr 12, 2023 |
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
- Variables updated.
|
Dec 7, 2022 |
Apr 25, 2022 Miscellaneous- Metadata updated.
- References updated.
|
Jul 30, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Jun 17, 2021 |
Feb 1, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Sep 29, 2020 |
