DISA STIG for Traditional WebSphere Application Server (tWAS)

View Only

DISA STIG for Traditional WebSphere Application Server (tWAS)

By James Mulvey posted Thu May 20, 2021 03:00 PM

Like

For hardening traditional WAS ND Version 9.0.x server environments in alignment with NIST SP800-53 we now have a Department of Defense Security Technical Implementation Guide. This provides a set of configuration hardening steps to ensure you have a secure configuration in place for WAS ND for production environments. These are broken into 3 categories.

1) Category 1 (High)

2) Category 2 (Medium)

3) Category 3 (Low)

It's highly recommended that WAS ND customers review these recommendations and follow the associated steps to lock down your environments.

We also have an extensive set a materials that provide hardening guidance for traditional WAS ND environments located here. Note this material is more relevant to WAS V7 and V8/8.5.

Traditional WAS Hardening Part 1
1210_lansche-advanced-hardening-1.pdf

Traditional WAS Hardening Part 2
1303_lansche-advanced-hardening-2.pdf

For questions regarding this information I can be contacted at jmulvey@us.ibm.com.

0 comments

8 views

IBM Application Runtimes Community

Come for answers, stay for best practices. All we're missing is you.

WebSphere Application Server & Liberty

DISA STIG for Traditional WebSphere Application Server (tWAS)

By James Mulvey posted Thu May 20, 2021 03:00 PM

Permalink