- Sun Cluster 3.0 12/01 Security with the Apache and iPlanet Web and Messaging Agents
- Assumptions and Limitations
- Solaris OE Service Restriction
- Sun Cluster 3.0 Daemons
- Terminal Server Usage
- Node Authentication
- Securing Sun Cluster 3.0 12/01 Software
- Verifying Node Hardening
- Maintaining a Secure System
- Solaris Security Toolkit Software Backout Capabilities
Maintaining a Secure System
Maintaining a secure system requires vigilance, as the default security configuration for any system tends to become increasingly open over time. In the case of a cluster, this is particularly true because of the sensitivity of information contained on and offered by it. An in-depth discussion on ongoing system maintenance is beyond the scope of this article, but several areas are introduced to raise your awareness.
First, keep in mind that Solaris OE patches can install additional software packages as part of their installation and may overwrite system configuration files. Be sure to review the security posture of a system after, and ideally before, any patch installation is performed. The Solaris Security Toolkit software can assist you with this, as it was built to support multiple runs on a system. Running it after any patch installation, with the correct drivers, will ensure that added software is disabled. Also perform a manual review of the system because the version of the Solaris Security Toolkit software being used may not support the new features added by the installed patches.
Secondly, monitor the system on an ongoing basis to ensure that unauthorized behavior is not taking place. Reviewing system accounts, passwords, and access patterns can provide a great deal of information about what is being done on the system.
Thirdly, deploy and maintain a centralized syslog repository to collect and parse syslog messages from the cluster nodes. A tremendous amount of information can be logged, and valuable information obtained, by gathering and reviewing these logs.
Lastly, your organization should have a comprehensive vulnerability and audit strategy in place to monitor and maintain system configurations. This is particularly important in the context of maintaining systems in secure configurations over time.