Revision 1.1 (Jul 24, 2018)
Functional Update
- Deploy WebSphere Application Server on a Dedicated System
- Ensure Administrative Security is Enabled
- Ensure CSIv2 inbound communications transport is SSL-required
- Ensure Diagnostic Trace Output is Disabled
- Ensure External Authorization Provider is Enabled
- Ensure HTTP Access Logging Service is Enabled
- Ensure HTTP Access Logging is Enabled
- Ensure HTTP Error Logging is Enabled
- Ensure HTTPOnly attribute on LTPA cookies
- Ensure Persisting Credentials is Enabled
- Ensure Sample Applications are removed
- Ensure Security Auditing is Enabled
- Ensure Session Security Integration is Enabled
- Ensure Session Timeout is 30 minutes or less
- Ensure Standalone LDAP Registry SSL is Enabled
- Ensure Trust Association is Enabled
- Ensure appropriate permissions on WebSphere Installation Directory
- Ensure appropriate permissions on WebSphere Log Directory
- Ensure appropriate permissions on fileRegistry.xml
- Review Groups with 'Administrator' Administrative Group Role
- Review Installed Applications
- Review Users with 'Administrator' Administrative User Role
- TNS_IBM_WebSphere_Application_Server_9_Windows.audit for IBM WebSphere Application Server 9
Informational Update
- TNS_IBM_WebSphere_Application_Server_9_Windows.audit for IBM WebSphere Application Server 9
Miscellaneous
- Metadata updated.
- Platform check updated.
- References updated.