Check: TOMCAT-000435-AS-000069
Apache Tomcat Application Server STIG - Xylok Custom: TOMCAT-000435-AS-000069 (in version v1 r1.1)
Title
The Tomcat server, when a MAC I system, must be in a high-availability (HA) cluster. (Cat II impact)
Discussion
A MAC I system is a system that handles data vital to the organization's operational readiness or effectiveness of deployed or contingency forces. A MAC I system must maintain the highest level of integrity and availability. By HA clustering the application server, the hosted application and data are given a platform that is load-balanced and highly available.
Check Content
If the Tomcat server is not a MAC I system, this requirement is NA. Ask the SA if the Tomcat server is part of an HA cluster. If the Tomcat server is not part of an HA cluster, this is a finding.
Fix Text
If the application server is not a MAC I system, this requirement is NA. Configure the application server to be part of an HA cluster.
Additional Identifiers
Rule ID: SV-71807r2_rule
Vulnerability ID: V-57531
Group Title:
CCIs
Number | Definition |
---|---|
CCI-002385 | The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards. |
Controls
Number | Title |
---|---|
SC-5 | Denial Of Service Protection |