Detections
Analytics

TNS IBM WebSphere Application Server 9 Linux Best Practices

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: TNS IBM WebSphere Application Server 9 Linux Best Practices

Updated: 1/5/2022

Authority: TNS

Plugin: Unix

Revision: 1.8

Estimated Item Count: 23

File Details

Filename: TNS_IBM_WebSphere_Application_Server_9_Linux.audit

Size: 29 kB

MD5: daabbf35e9a773a5ad79f3d152d826a4
SHA256: 41d67dcb81f29e91b1725fb3f8db946be0a9700a750c911566bc25bd0bbe38e7

Audit Items

DescriptionCategories
Deploy WebSphere Application Server on a Dedicated System

CONFIGURATION MANAGEMENT

Ensure Administrative Security is Enabled

ACCESS CONTROL

Ensure appropriate permissions on fileRegistry.xml

CONFIGURATION MANAGEMENT

Ensure appropriate permissions on WebSphere Installation Directory

CONFIGURATION MANAGEMENT

Ensure CSIv2 inbound communications transport is SSL-required

CONFIGURATION MANAGEMENT

Ensure Diagnostic Trace Output is Disabled

CONFIGURATION MANAGEMENT

Ensure External Authorization Provider is Enabled

ACCESS CONTROL

Ensure HTTP Access Logging is Enabled

AUDIT AND ACCOUNTABILITY

Ensure HTTP Access Logging Service is Enabled

AUDIT AND ACCOUNTABILITY

Ensure HTTP Error Logging is Enabled

AUDIT AND ACCOUNTABILITY

Ensure HTTPOnly attribute on LTPA cookies

CONFIGURATION MANAGEMENT

Ensure Persisting Credentials is Enabled

CONFIGURATION MANAGEMENT

Ensure Sample Applications are removed

CONFIGURATION MANAGEMENT

Ensure Security Auditing is Enabled

AUDIT AND ACCOUNTABILITY

Ensure Session Security Integration is Enabled

ACCESS CONTROL

Ensure Session Timeout is 30 minutes or less

IDENTIFICATION AND AUTHENTICATION

Ensure Standalone LDAP Registry SSL is Enabled

ACCESS CONTROL

Ensure Trust Association is Enabled

IDENTIFICATION AND AUTHENTICATION

Ensure WebSphere Application Server running as non-root user

ACCESS CONTROL

Review Groups with 'Administrator' Administrative Group Role

ACCESS CONTROL

Review Installed Applications

CONFIGURATION MANAGEMENT

Review Users with 'Administrator' Administrative User Role

ACCESS CONTROL

TNS_IBM_WebSphere_Application_Server_9_Linux.audit for IBM WebSphere Application Server 9