The IAO will ensure if an application is designated critical, the application is not hosted on a general purpose machine.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-16833	APP6010	SV-17833r1_rule	DCSQ-1	Medium

Description
Critical applications should not be hosted on a multi-purpose server with other applications. Applications that share resources are susceptible to the other shared application security defects. Even if the critical application is designed and deployed securely, an application that is not designed and deployed securely, can cause resource issues and possibly crash effecting the critical application.

Description

Critical applications should not be hosted on a multi-purpose server with other applications. Applications that share resources are susceptible to the other shared application security defects. Even if the critical application is designed and deployed securely, an application that is not designed and deployed securely, can cause resource issues and possibly crash effecting the critical application.

STIG	Date
Application Security and Development Checklist	2014-12-22

Details

Check Text ( C-17839r1_chk )
Ask the application representative to review the servers where the application is deployed. Also, ask what other applications are deployed on those servers. 1) If a mission critical (MAC I) application is deployed on the same server as other applications, it is a finding.

Fix Text (F-17150r1_fix)
Deploy mission critical (MAC I) applications on servers that are not shared by other applications.