Confirm HTTP security headers on Enforce Server

Article ID: 176290


Products

Data Loss Prevention Enforce

Issue/Introduction

Symantec Data Loss Prevention (DLP) Enforce

A vulnerability scanner reports that the DLP web server (Tomcat) has a possible vulnerability: missing HTTP security headers.
How do you confirm that the HTTP security headers are present?

Cause

Vulnerability scanners often report missing headers because the front page that comes before the logon page has none.
The scan detects the finding before the Enforce web page loads.
That redirect page is served by the base Tomcat instance.
It contains no sensitive information and has no access to the underlying web server components.

As a result, the scanner reports a "vulnerability".
This reported vulnerability is nothing to worry about, and all checks should be made against: https://[ENFORCE URL]/ProtectManager/

As soon as the Protect Manager web application takes over, which is where DLP resides, all protections are in place.

Resolution

To confirm the HTTP security headers, take the following steps:

In Internet Explorer:

  1. After opening IE, and before going to the Enforce logon page, press F12 to open the Developer Tools.
  2. Navigate to the "Network" tab.
  3. Go to the Enforce logon page.
  4. Click the "Logon" network entry.
  5. Inspect the Response Headers on the right side and ensure that the appropriate headers are present.

In Mozilla Firefox:

  1. After opening Firefox, and before going to the Enforce logon page, press CTRL + SHIFT + E to open the Developer Tools.
  2. Navigate to the "Network" tab.
  3. Go to the Enforce logon page.
  4. Click the "Logon" network entry.
  5. Inspect the Response Headers on the right side and ensure that the appropriate headers are present.

All examples are from a 15.5 DLP environment. 
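The same check can be scripted. This is an added example, not part of the article or Symantec's code: the expected-header list and the two sample responses are constructed assumptions, and `check_url` is a hypothetical helper you would point at your own https://[ENFORCE URL]/ProtectManager/ rather than at the pre-logon redirect.

```python
"""Report which expected HTTP security headers a response is missing (added example,
not Symantec's or Broadcom's code).  Per the article, run the check against the
/ProtectManager/ response rather than the base Tomcat redirect before the logon page."""
import urllib.request
from typing import Dict, List

# Assumed header list (not from the article); adjust to the headers your
# scanner's "Security Header Not Detected" check expects.
EXPECTED_HEADERS = (
    "Strict-Transport-Security",
    "X-Frame-Options",
    "X-Content-Type-Options",
    "Content-Security-Policy",
)

# Constructed sample: the pre-logon redirect served by the base Tomcat instance.
REDIRECT_RESPONSE = """HTTP/1.1 302 Found
Location: https://enforce.example.test/ProtectManager/
Content-Length: 0
"""

# Constructed sample (not captured from a DLP server): a Protect Manager response.
PROTECTMANAGER_RESPONSE = """HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'
"""

def parse_header_block(raw: str) -> Dict[str, str]:
    """Parse an HTTP response head into a dict keyed by lower-cased header name."""
    headers: Dict[str, str] = {}
    for line in raw.strip().splitlines()[1:]:  # skip the status line
        if not line.strip():
            break  # a blank line ends the header block
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers

def missing_security_headers(headers: Dict[str, str]) -> List[str]:
    """Return the expected headers that are absent (matched case-insensitively)."""
    return [h for h in EXPECTED_HEADERS if h.lower() not in headers]

def check_url(url: str) -> List[str]:
    """Fetch a URL such as https://[ENFORCE URL]/ProtectManager/ and list missing headers."""
    with urllib.request.urlopen(url, timeout=10) as resp:
        return missing_security_headers({k.lower(): v for k, v in resp.headers.items()})
```

Running `missing_security_headers(parse_header_block(...))` on the two samples shows every expected header missing on the redirect and none missing on the Protect Manager response, which is the article's point about where to run the check.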

Additional Information

This applies to:

QID-11827 - Security Header Not Detected