Cognos Analytics

 View Only
  • 1.  Web Application Firewall & Cognos 11

    Posted Wed November 09, 2022 06:02 AM
    Hello everybody,

    our security team aims to introduce a web application firewall (Sophos) to enhance security on our Cognos server, which can be reached by our users via internet.

    Does anybody here have experiences, information or even warnings to share before we approach this?

    Kind regards

    ------------------------------
    Agnes Ostheimer
    Leiterin Informationssysteme
    ta.ts - Travel Agency Technologies & Services GmbH (Lufthansa Group)
    Frankfurt
    ------------------------------

    #CognosAnalyticswithWatson


  • 2.  RE: Web Application Firewall & Cognos 11

    IBM Champion
    Posted Thu November 10, 2022 04:05 AM
    Hi Agnes,

    You need to share the default port settings for Cognos Analytics components (starting in PDF page 12):
    https://www.ibm.com/docs/en/SSEP7J_11.2.0/pdf/inst_cr_winux.pdf.

    Best regards,

    ------------------------------
    Patrick Neveu
    Positive Thinking Company
    ------------------------------



  • 3.  RE: Web Application Firewall & Cognos 11

    Posted Mon November 14, 2022 09:07 AM
    Hi Patrick,

    thank you for responding.
    I'm not sure if I understand correctly, but I'm also not the person who handles port settings.
    Do you mean we should allow all traffic and all requests concerning those ports? Wouldn't that also allow attacks on those ports?

    I am not sure what my colleagues configured exactly but we had to deactivate a couple of WAF rules to keep the Cognos application in a working state. And it seems hard to make sure we have found all those rules which are potentially preventing the application to be fully usable.

    Kind regards
    Agnes

    ------------------------------
    Agnes Ostheimer
    Leiterin Informationssysteme
    ta.ts - Travel Agency Technologies & Services GmbH (Lufthansa Group)
    Frankfurt
    ------------------------------