All the components in the deployment have the same GMT time stamp.
CDSSO must be enabled before configuring Cookie Hijacking Prevention.
The Cookie Hijacking Prevention configuration doesn't prevent cookies being viewed or hijacked by hackers using network snooping applications. The only way to prevent this is by using a secure communication protocol such as SSL.
All the agents in the deployment have a unique agent profile in the OpenSSO Enterprise server.