Detections
Analytics

TNS IBM WebSphere Application Server 9 Windows Best Practices

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: TNS IBM WebSphere Application Server 9 Windows Best Practices

Updated: 1/5/2022

Authority: TNS

Plugin: Windows

Revision: 1.6

Estimated Item Count: 23

File Details

Filename: TNS_IBM_WebSphere_Application_Server_9_Windows.audit

Size: 38 kB

MD5: 87c8a10e2fbd2324efd96b24cf0f7b22
SHA256: f6f27dd67ee290974eae0b509886956dc53dd61844e557a2d9a6974d1eecc4c5

Audit Items

DescriptionCategories
Deploy WebSphere Application Server on a Dedicated System

CONFIGURATION MANAGEMENT

Ensure Administrative Security is Enabled

ACCESS CONTROL

Ensure appropriate permissions on fileRegistry.xml

ACCESS CONTROL

Ensure appropriate permissions on WebSphere Installation Directory

ACCESS CONTROL

Ensure appropriate permissions on WebSphere Log Directory

ACCESS CONTROL

Ensure CSIv2 inbound communications transport is SSL-required

CONFIGURATION MANAGEMENT

Ensure Diagnostic Trace Output is Disabled

CONFIGURATION MANAGEMENT

Ensure External Authorization Provider is Enabled

ACCESS CONTROL

Ensure HTTP Access Logging is Enabled

AUDIT AND ACCOUNTABILITY

Ensure HTTP Access Logging Service is Enabled

AUDIT AND ACCOUNTABILITY

Ensure HTTP Error Logging is Enabled

AUDIT AND ACCOUNTABILITY

Ensure HTTPOnly attribute on LTPA cookies

CONFIGURATION MANAGEMENT

Ensure Persisting Credentials is Enabled

CONFIGURATION MANAGEMENT

Ensure Sample Applications are removed

CONFIGURATION MANAGEMENT

Ensure Security Auditing is Enabled

AUDIT AND ACCOUNTABILITY

Ensure Session Security Integration is Enabled

ACCESS CONTROL

Ensure Session Timeout is 30 minutes or less

IDENTIFICATION AND AUTHENTICATION

Ensure Standalone LDAP Registry SSL is Enabled

ACCESS CONTROL

Ensure Trust Association is Enabled

IDENTIFICATION AND AUTHENTICATION

Review Groups with 'Administrator' Administrative Group Role

ACCESS CONTROL

Review Installed Applications

CONFIGURATION MANAGEMENT

Review Users with 'Administrator' Administrative User Role

ACCESS CONTROL

TNS_IBM_WebSphere_Application_Server_9_Windows.audit for IBM WebSphere Application Server 9