The application server must activate an alarm or automatically shut down the application server instance if an application component failure is detected.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35442 | SRG-APP-000268-AS-000171 | SV-46729r1_rule | Low |
| Description |
|---|
| Predictable failure prevention requires organizational planning to address application server failure issues. If components key to maintaining application server security fail to function, the system could continue operating in an insecure state. An application server instance represents a singular application running on the AS. It is critical that a balance is achieved so the requirement can be met while not simultaneously causing a denial of service to other coexisting application instances that are not affected by the failure. The application server must alarm for such conditions and/or automatically shut down the application instance. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2013-01-08 |
Details
| Check Text ( C-43796r1_chk ) |
|---|
| Review the AS configuration to ensure the system can enforce the requirement that if a server component failure is detected, the AS must activate an alarm and/or automatically shut down the affected application instance. If this function cannot be performed, this is a finding. |
| Fix Text (F-39986r1_fix) |
|---|
| Configure the AS to activate an alarm or shutdown the affected application instance if a server component failure is detected. |