The designer will ensure the user interface services are physically or logically separated from data storage and management services.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-16784	APP3070	SV-17784r1_rule	DCPA-1	Medium

Description
If user interface services are compromised, this may lead to the compromise of data storage and management services if they are not logically or physically separated.

STIG	Date
Application Security and Development Checklist	2014-12-22

Details

Check Text ( C-17768r1_chk )
Interview the application representative to determine if logical separation exists between application components within the application. Review locations of the components of the application such as web server, database server, and application server. A separate machine is not required but is recommended. Separation may be accomplished through the use of different computers, different CPUs, different instances of the operating system, different network addresses, and combinations of these methods, or other methods, as appropriate. 1) If the application components are not separated in the application, this is a finding.

Check Text ( C-17768r1_chk )

Interview the application representative to determine if logical separation exists between application components within the application. Review locations of the components of the application such as web server, database server, and application server. A separate machine is not required but is recommended.

Separation may be accomplished through the use of different computers, different CPUs, different instances of the operating system, different network addresses, and combinations of these methods, or other methods, as appropriate.

1) If the application components are not separated in the application, this is a finding.

Fix Text (F-16989r1_fix)
Separate interface services from data storage and management services.