Symantec Control Compliance Suite Express Security Content Update for JBoss Enterprise Application Platform 6.3 Release Notes
Express Security Content Update for JBoss Enterprise Application Platform 6.3 Legal Notice Copyright 2017 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This Symantec product may contain third party software for which Symantec is required to provide attribution to the third party ( Third Party Programs ). Some of the Third Party Programs are available under open source or free software licenses. The License Agreement accompanying the Software does not alter any rights or obligations you may have under those open source or free software licenses. Please see the Third Party Legal Notice Appendix to this Documentation or TPIP ReadMe File accompanying this Symantec product for more information on the Third Party Programs. The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any. THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE. The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, et seq. "Commercial Computer Software and Commercial Computer Software Documentation," as applicable, and any successor regulations, whether delivered by Symantec as on premises or hosted services. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software and Documentation by the U.S. Government shall be solely in accordance with the terms of this Agreement.
Symantec Corporation 350 Ellis Street Mountain View, CA 94043 http://www.symantec.com
Express Security Content Update for JBoss Enterprise Application Platform 6.3 This document includes the following topics: Introduction to Express Security Content Update Prerequisites for Express Security Content Update for JBoss Enterprise Application Platform 6.3 Contents of Express Security Content Update for JBoss Enterprise Application Platform 6.3 Installing Express Security Content Update for JBoss Enterprise Application Platform 6.3 Introduction to Express Security Content Update This Express Security Content Update (SCU) is an out-of-band content update, which is complementary to the periodic Security Content Updates on Symantec Control Compliance Suite (CCS) 11.5.2. A separate Express SCU is released for each CCS platform. Each Express SCU comprises an installer to install an individual predefined technical standard along with its corresponding asset group templates and target types. This installer needs to be run manually only on CCS Application Server. The installer can be run both on the agentless and the agent-based CCS 11.5.2 setups.
Express Security Content Update for JBoss Enterprise Application Platform 6.3 Prerequisites for Express Security Content Update for JBoss Enterprise Application Platform 6.3 5 With an easy-to-install setup and an ad-hoc availability of a particular CCS standard, Express SCU is an easy way of installing the required Content platform updates for CCS. This Express SCU will be integrated with the subsequent periodic Security Content Update (SCU). Prerequisites for Express Security Content Update for JBoss Enterprise Application Platform 6.3 The following are the prerequisites to install the Express SCU for JBoss EAP 6.3: Minimum and maximum compatible versions of SCU The minimum and the maximum supported SCU versions for Express SCU for JBoss EAP 6.3 are listed in the following table: CCS version Minimum supported SCU version Maximum supported SCU version 11.5.2 2017-1 2017-2 Minimum privileges To install the Express SCU successfully, the user must have the following minimum privileges: Local administrative privileges CCS administrative privileges Before you install the Express SCU for JBoss EAP 6.3, you must stop the following jobs running on the CCS Application Server: Data collection job Evaluation job Collection-Evaluation-Reporting (CER) job See Contents of Express Security Content Update for JBoss Enterprise Application Platform 6.3 on page 6.
Express Security Content Update for JBoss Enterprise Application Platform 6.3 Contents of Express Security Content Update for JBoss Enterprise Application Platform 6.3 6 Contents of Express Security Content Update for JBoss Enterprise Application Platform 6.3 The Express Security Content Update (SCU) for JBoss Enterprise Application Platform (EAP) 6.3 contains the following: Technical standard The Express SCU for JBoss EAP 6.3 provides an installer to install the following standard: Security Essentials for JBoss EAP 6.3 Target types The following are the target types for the Security Essentials for JBoss EAP 6.3 standard: Red Hat Enterprise Linux 6.x Machines Red Hat Enterprise Linux 7.x Machines Note: The Security Essentials for JBoss EAP 6.3 standard is based on the JBoss EAP 6.3 Security Technical Implementation Guide. This standard is supported only for a JBoss EAP 6.3 instances running in standalone configuration mode on a Red Hat Enterprise Linux (RHEL) computer. You can collect data using the Security Essentials for JBoss EAP 6.3 standard from an RHEL target computer on which JBoss is running. Follow these steps to identify the assets on which JBoss is running: 1. Run a query for the Processes entity in the UNIX platform. The query results provide you a list of UNIX processes that are running on the assets selected in the query. 2. Type jboss in the search box to shortlist the assets on which JBoss process is running. 3. Create a folder in the Assets hierarchy in the Asset System View, and move the assets shortlisted in step 2 to the folder. Then run the Collection-Evaluation-Reporting (CER) job for the Security Essentials for JBoss EAP 6.3 standard on the folder. See Installing Express Security Content Update for JBoss Enterprise Application Platform 6.3 on page 7.
Express Security Content Update for JBoss Enterprise Application Platform 6.3 Installing Express Security Content Update for JBoss Enterprise Application Platform 6.3 7 Installing Express Security Content Update for JBoss Enterprise Application Platform 6.3 To install the Express SCU on a Symantec Control Compliance Suite 11.5.2 setup, you must download the CCS_ExpressSCU_SEJboss_EAP_6.3_Win.exe file from the following location: www.symantec.com/security_response/securityupdates/list.jsp?fid=ccs&pvid=esc To install the Express SCU, refer to the following steps: 1. Copy the downloaded CCS_ExpressSCU_SEJboss_EAP_6.3_Win.exe file to the CCS Application Server. 2. Double-click the CCS_ExpressSCU_SEJboss_EAP_6.3_Win.exe file. The Symantec Control Compliance Suite Express Security Content Update Installer welcome screen is displayed. 3. Click Start to proceed with the installation procedure. -OR- Click Cancel to cancel the installation procedure. 4. Click Finish after the installation of the Security Essentials standard is completed. Note: The Security Essentials for JBoss EAP 6.3 standard is listed in the UNIX Applications folder under the Predefined category in the Standards view. See Prerequisites for Express Security Content Update for JBoss Enterprise Application Platform 6.3 on page 5.