The compliance rules for the Weblogic Server Configuration Compliance standard follow.
Description: The compliance standard rule verifies whether Java Net FastPath attribute is enabled or not. This attribute enables the Oracle JDBC driver to reduce data copies and fragmentation.
Severity: Critical
Rationale: Enabling this attribute, enables Fast Application Notification (FAN) event awareness of WebLogic Server.
Description: The compliance standard rule verifies whether gathered writes over NIO socket channels enabled or not.
Severity: Critical
Rationale: Enabling GatheredWritesEnabled attribute increases efficiency during I/O in environments with high network throughput.
Description: The rule verifies whether JDBCDatasourceProtocol attribute is SDP protocol or not. WebLogic Server data sources using a JDBC connection string with the protocol portion being set to SDP (PROTOCOL=SDP) are restricted to Exalogic Elastic Cloud Software.
Severity: Critical
Rationale: JDBC Datasource Protocol Check
Description: The compliance standard rule verifies whether JMS persistent file store is configured to ZFS storage.
Severity: Critical
Rationale: By configuring the file store to ZFS store, it will be automatically migrated from an unhealthy server instance to a healthy server instance.
Description: The compliance standard rule verifies whether maximum message count quota for JMS server to be configured for a reasonable value.
Severity: Critical
Rationale: Tuning maximum message count for JMS Server, may improve performance dramatically, such as when the JMS application defers acknowledges or commits
Description: The compliance standard rule verifies whether JSSE as SSL is enabled or not for Weblogic Server target.
Severity: Critical
Rationale: JSSE is the Java standard framework for SSL and TLS and includes both blocking-IO and non-blocking-IO APIs. When WebLogic Server with JSSE SSL is used as either an SSL client or as the SSL server, it can communicate via SSL with instances of WebLogic Server (version 8.1 and later) that use the Certicom SSL implementation.
Description: The compliance standard rule verifies whether the Oracle JDBC optimize UTF-8 conversion option is enabled or not.
Severity: Critical
Rationale: Enabling this attribute, enforces UTF-8 encoding for all files and directories in the file system. When 'Reject non UTF-8' option set, any attempts to create a file or directory with an invalid UTF-8 encoding will fail.
Description: The compliance standard rule verifies whether outbound attribute is enabled for the custom replication channel that uses SDP.
Severity: Critical
Rationale: Enabling this attribute, allows all outbound traffic to use this channel. SDP is an Infiniband feature that can be used as an alternative to TCP/IP that reduces network latency and CPU utilization.
Description: The compliance standard rule verifies whether BEA WebLogic Server Performance Pack is enabled or not
Severity: Critical
Rationale: Benchmarks show major performance improvements in WebLogic Server when you use the performance pack for your platform. Performance packs use a platform-optimized (native) socket multiplexor to improve server performance.
Description: The compliance standard rule verifies whether scattered reads over NIO socket channels are enabled or not.
Severity: Critical
Rationale: Enabling ScatteredReadsEnabled attribute increases efficiency during I/O in environments with high network throughput.
Description: The compliance standard rule verifies whether synchronous-write-policy is configured to direct-write for JMS file stores.
Severity: Critical
Rationale: Configuring synchronous write policy to direct-write will improve reliability.