WAS v8.5 > Tune performance > Tune security

Tune, hardening, and maintaining security configurations

After installing WebSphere Application Server, there are several considerations for tuning, strengthening, and maintaining your security configuration.

The following topics are covered in this section:

• Tuning security configurations We can tune your security configuration to balance performance with function. We can achieve this balance following considerations for tuning general security, Common Secure Interoperability version 2 (CSIv2), LDAP authentication, web authentication, and authorization. For more information on tuning security, see Tune security configurations.
• Hardening security configurations Several methods exist used to protect your infrastructure and applications from different forms of attack. For more information on hardening your security, see Hardening security configurations.
• Secure passwords in files Password encryption and encoding can add protection to passwords existing in files. For more information on encoding and encrypting passwords, see Secure passwords in files.

For additional information about hardening security configurations, see the WebSphere Application Server security web page.

Subtopics

• Tune security configurations
  We can tune security to balance performance with function. We can achieve this balance following considerations for tuning general security, Common Secure Interoperability version 2 (CSIv2), LDAP authentication, web authentication, and authorization.
• Hardening security configurations
  There are several methods used to protect the WAS infrastructure and applications from different forms of attack. Several different techniques can help with multiple forms of attack. Sometimes a single attack can leverage multiple forms of intrusion to achieve the end goal.
• Secure passwords in files
  Password encoding and encryption deters the casual observation of passwords in server configuration and property files.
• Enablement and migration considerations of Security hardening features
  In this release of WAS, more security hardening features of the server are enabled out-of-the-box by default. When migrating, the settings that were enabled prior to migration are retained. However, if the features are not enabled after migration we can enable them yourself.
• Tune security configurations
  We can tune security to balance performance with function. We can achieve this balance following considerations for tuning general security, Common Secure Interoperability version 2 (CSIv2), LDAP authentication, web authentication, and authorization.
• Hardening security configurations
  There are several methods used to protect the WAS infrastructure and applications from different forms of attack. Several different techniques can help with multiple forms of attack. Sometimes a single attack can leverage multiple forms of intrusion to achieve the end goal.
• Enablement and migration considerations of Security hardening features
  In this release of WAS, more security hardening features of the server are enabled out-of-the-box by default. When migrating, the settings that were enabled prior to migration are retained. However, if the features are not enabled after migration we can enable them yourself.
• Secure passwords in files
  Password encoding and encryption deters the casual observation of passwords in server configuration and property files.

+

Search Tips   |   Advanced Search