Web Viewer's communication to the mainframe backend, if this is a database, should be encrypted. From the server to the database, the Security Technical Implementation Guide (STIG) requires DB payload encryption. This is normally accomplished by a DBA going to request an encryption certificate and put it on a database (DB2). If the Web Viewer server is talking to a database on IBM Mainframe, our expectation is the same encryption should occur.
Release : 12.1
Component : CA OUTPUT MANAGEMENT WEB VIEWER FOR ALL PLATFORMS
The SQL database was not on the mainframe. CCI TLS 1.2 encryption is already in place, so all communications to the mainframe from the Web Viewer Server are already encrypted.