The application server must prevent the presentation of information system management-related functionality at an interface utilized by general (i.e., non-privileged) users.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35774	SRG-APP-000212-AS-NA	SV-47061r1_rule		Medium

Description
Application Server management functionality includes functions necessary to administer the application server, and requires privileged access via one of the accounts assigned to a management role. The separation of AS administration functionality from hosted application functionality is either physical or logical and is accomplished by using different computers, different central processing units, different instances of the operating system, network addresses, network ports, or combinations of these methods, as appropriate. This requirement is NA. This requirement is geared towards network and firewall configurations, not application servers.

Description

Application Server management functionality includes functions necessary to administer the application server, and requires privileged access via one of the accounts assigned to a management role. The separation of AS administration functionality from hosted application functionality is either physical or logical and is accomplished by using different computers, different central processing units, different instances of the operating system, network addresses, network ports, or combinations of these methods, as appropriate. This requirement is NA. This requirement is geared towards network and firewall configurations, not application servers.

STIG	Date
Application Server Security Requirements Guide	2013-01-08

Details

Check Text ( C-44119r1_chk )
This requirement is NA for the AS SRG.

Fix Text (F-40319r1_fix)
The requirement is NA. No fix is required.