Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-222995 | TCAT-AS-001460 | SV-222995r615938_rule | Medium |
Description |
---|
A MAC I system is a system that handles data vital to the organization's operational readiness or effectiveness of deployed or contingency forces. A MAC I system must maintain the highest level of integrity and availability. By HA clustering the application server, the hosted application and data are given a platform that is load-balanced and provided high-availability. |
STIG | Date |
---|---|
Apache Tomcat Application Sever 9 Security Technical Implementation Guide | 2021-06-15 |
Check Text ( C-24667r426429_chk ) |
---|
This requirement only applies to a system that is categorized as high within the Risk Management Framework (RMF). Review the System Security Plan (SSP) or other system documentation that specifies the operational uptime requirements and RMF system categorization. If the system is categorized as high, from the Tomcat server as a privileged user, run the following command: sudo grep -i -A10 -B2 "Cluster" $CATALINA_BASE/conf/server.xml If the |
Fix Text (F-24656r426430_fix) |
---|
From the Tomcat server as a privileged user, modify the $CATALINA_BASE/conf/server.xml file. Uncomment the " https://tomcat.apache.org/tomcat-9.0-doc/config/cluster.html |