V-255889

CAT II (Medium)

The WebSphere Application Server distribution and consistency services (DCS) transport links must be encrypted.

Rule ID

SV-255889r961863_rule

STIG

IBM WebSphere Traditional V9.x Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-002420, CCI-000366

Discussion

A Core Group (HA Domain) is a component of the high availability manager function. It can contain stand-alone servers, cluster members, node agents, administrative agents, and the deployment manager. Core groups rely on DCS, which uses a reliable multicast message (RMM) system for transport. RMM can use one of several wire transport technologies. Depending on your environment, sensitive information might be transmitted over DCS. For example, data in DynaCache and the security subject cache are transmitted using DCS. To protect this data in transit, select a transport type of channel framework and DCS-Secure as the channel chain for each core group. Be aware that DCS always authenticates messages when global security is enabled. Once the transport is also encrypted, all services that rely on DCS use an encrypted and authenticated channel. Those services are DynaCache, memory-to-memory session replication, core groups, Web services caching, and stateful session bean persistence.

Check Content

From the admin console navigate to Servers >> Core groups.

For every Core Group listed, select the Core Group [CoreGroup Name].

Under "Transport Type", select the "Channel Framework" button.

If the "transport chain" drop down box is not set to "DCS-Secure", this is a finding.
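The same check can be run offline against exported core group configuration. The following is an added example, not part of the STIG or of IBM's tooling: it parses core group XML and reports a finding for any group that is not on the channel framework with the DCS-Secure chain. The `CoreGroup` element and the `transportType` and `channelChainName` attribute names are assumptions about the coregroup.xml layout, and the sample documents are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample documents; the element and attribute names are assumptions
# about how a core group is stored in the cell's coregroup.xml.
TEMPLATE = ('<coregroup:CoreGroup xmlns:coregroup="urn:example:coregroup" '
            'name="{name}" transportType="{transport}" channelChainName="{chain}"/>')
SAMPLES = {
    "compliant": TEMPLATE.format(
        name="DefaultCoreGroup", transport="CHANNEL_FRAMEWORK", chain="DCS-Secure"),
    "plaintext_chain": TEMPLATE.format(
        name="CacheCoreGroup", transport="CHANNEL_FRAMEWORK", chain="DCS"),
    "other_transport": TEMPLATE.format(
        name="LegacyCoreGroup", transport="MULTICAST", chain=""),
}


def check_core_group(xml_text):
    """Return (core group name, findings) for one coregroup.xml document."""
    root = ET.fromstring(xml_text)
    # Match on the local element name so the namespace URI does not matter.
    if root.tag.rsplit("}", 1)[-1] != "CoreGroup":
        raise ValueError("root element is not a CoreGroup")
    name = root.get("name", "<unnamed>")
    transport = root.get("transportType", "")
    chain = root.get("channelChainName", "")
    findings = []
    if transport != "CHANNEL_FRAMEWORK":
        # A missing attribute is reported too (fail closed).
        findings.append("transport type is %r, not CHANNEL_FRAMEWORK" % transport)
    elif chain.lower() != "dcs-secure":
        # Case-insensitive: the page writes both DCS-Secure and DCS-SECURE.
        findings.append("transport chain is %r, not DCS-Secure" % chain)
    return name, findings


def audit(documents):
    """Map each core group name to its findings; an empty list means no finding."""
    return dict(check_core_group(text) for text in documents)


if __name__ == "__main__":
    for group, findings in sorted(audit(SAMPLES.values()).items()):
        print(group, "FINDING: " + "; ".join(findings) if findings else "OK")
```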

Fix Text

From the admin console navigate to Core groups, and for every Core Group listed:

Select the [Core Group Name].

Under "Transport type", select the "CHANNEL_FRAMEWORK" button.

In the "Transport chain" drop-down box, select "DCS-SECURE".

Click "Save".

Sync the configuration.