Documentation - V-255886

V-255886

IBM WebSphere Traditional V9.x Security Technical Implementation Guide

CAT III

Title

The WebSphere Application Server memory session settings must be defined according to application load requirements.

Description

<VulnDiscussion>DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity. To reduce the possibility or effect of a DoS, the application server must employ defined security safeguards. These safeguards will be determined by the placement of the application server and the type of applications being hosted within the application server framework. There are many examples of ...

Fix Text (Documentation Requirement)

From the admin console navigate to Servers >> all servers >> [web application server] >> Session management. For every [web application server], set the "Maximum in-memory session count", "allow overflow", and "session timeout" values according to your organizational requirements.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel