A Security Compliance for JDK Mission Control
Follow these security recommendations to improve the processes of administering and managing JDK Mission Control.
- Use the latest security baseline JDK version for starting JMC.
- Enable Java Discovery Protocol (JDP) only in a secure environment: JDP
is a protocol that enables technologies, in particular, JDK Mission Control and JDK
Flight Recorder, to discover manageable JVMs across the same network subnet. It
enables the JVM browser to list all JVM instances on the network.
You can enable the preferences for JDP protocol using the auto-discover option in JMC. This option is disabled by default. To enable the option, go to Windows, Preferences, JDK Mission Control, JVM Browser, and then JDP. Click auto-discover.
- Use SSL for JMXRMI connections: While connecting to JMX remotely,
ensure that you connect to JVMs having SSL and
Authentication options enabled. This will ensure server
side and client side security.
Provide the Key store and Trust store credentials. To set the values, go to Windows, Preferences, JDK Mission Control, and then JMXRMI.