The purpose of this Tech Doc is to address a concern about potential security issues associated with the default configuration of the SiteMinder OneView Monitor component.
CA currently has no plans to change the installation and deployment procedures for the SiteMinder OneView Monitor component. All SiteMinder deployments, including web agents, and the optional OneView Monitor component, require manual configuration and recommended measures to secure the installations.
The optional OneView Monitor component is not installed by default. When installing and deploying OneView Monitor, the administrator must create a SiteMinder policy, as described in the SiteMinder Admin Guide, to protect OneView Monitor.
Please review the solution below to ensure that you have implemented an appropriate SiteMinder policy to protect the OneView Viewer.
The default installation/configuration of OneView Monitor does not implement Oneview Monitor protection.
To secure the OneView Viewer, create a SiteMinder policy that protects the resources in sitemindermonitor.
Follow these steps to create the SiteMinder policy:
The resource /sitemindermonitor should now be properly protected.