V-220362
MarkLogic Server v9 Security Technical Implementation Guide
Title
MarkLogic Server must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.
Description
<VulnDiscussion>In order to prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types), organizations must disable or restrict unused or unnecessary physical and logical ports/protocols/services on information systems. Applications are capable of providing a wide variety of functions and services. Some of the functions and services provided by default may not be necessary to support essential orga...
Fix Text (Documentation Requirement)
Disable functions, ports, protocols, and services that are not approved. Perform the fix from the MarkLogic Server Admin Interface with a user that holds administrative-level privileges. 1. Click the Groups icon. 2. Click the group in which the App Server to check resides (e.g., Default). 3. Click the App Servers icon on the left tree menu. 4. Inspect the list of App Servers and associated Protocols and Ports. 5. If any App Server has an associated protocol or port that is not approved, remove the App Server by selecting the server and selecting either "Disable" or "Delete".