JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Sun ZFS Appliance Monitor

Security Guide, Version 1.0

search filter icon
search icon

Document Information

Using This Documentation

1.  Overview

Product Overview

Basic Security Principles

Keep Software Up To Date

Restrict Network Access to Critical Services

Follow the Principle of Least Privilege

Monitor System Activity

Monitor System Components

Audit and Review

Keep Up To Date on Latest Security Information

Mobile Device Security Features

Architecture Overview

2.  Secure Installation and Configuration

Installation Overview

Password Protection

3.  Security Features

Security Model

Configuring and Using Authentication

Configuring and Using Access Control

Granting Privileges

Secure Deployment Checklist

Create a Separate User Account

Use a Secure Password for the User Account

Use a Strong Passcode on the iOS Device

VPN Access to Appliances

Basic Security Principles

The following principles are fundamental to using any application securely.

Keep Software Up To Date

One of the principles of good security practice is to keep all software versions and patches up to date. You will be notified when updates are available for download from the Apple App Store. You configure the latest version of the appliance monitor using the information in this guide and the Sun ZFS Appliance Monitor Configuration Guide.

Restrict Network Access to Critical Services

You can use the appliance monitor anywhere there is Internet connectivity. In most cases, the appliance will be behind a firewall within a corporate network, restricting access from outside sources. You will need to download a VPN client for corporate network access. The appliance monitor is capable of network communication within a secure VPN session.

Follow the Principle of Least Privilege

The principle of least privilege states that users should be given the least amount of privilege to perform their jobs. Over ambitious granting of responsibilities, roles, grants, and so forth, especially early in an organization’s life cycle when people are few and work needs to be done quickly, often leaves a system wide open for abuse. Because the appliance monitor is only a monitoring tool, you cannot perform tasks that alter the state of the appliance.

Limit privileges as much as possible. Give users only the access necessary to perform their work. Review user privileges periodically to determine relevance to current work requirements. Rights and privileges for the user account are dictated to the appliance monitor by the appliance. In doing so, the appliance monitor inherits the rules and policies enforced by the appliance.

Monitor System Activity

The appliance monitor places a strong emphasis on being able to view the health and status of a single appliance. It also scales to provide the status for an entire data center, giving you the option to drill down on a potentially problematic situation. You must regularly check for status and notifications returned by the appliance monitor to stay abreast of any potential problems that could arise in a data center.

System security relies on good security protocols, proper system configuration, and system monitoring. Auditing and reviewing audit records address system monitoring. Each component within a system has some degree of monitoring capability. Follow audit advice in this document and regularly monitor audit records.

Monitor System Components

Establish which users have access, and frequency of access, to specific system components. Monitor these components regularly.

Audit and Review

An audit log, which contains records of login and system configuration activity, is maintained by the appliance. You can view the audit log using the appliance monitor. You should plan to regularly check the audit log for unusual or unauthorized activity.

Keep Up To Date on Latest Security Information

The appliance monitor is available for download from the Apple App Store. You will be notified when a new version of the app is available and it is recommended that you apply updates when notified. Product updates, that include security-related patch updates and security alerts, will be released regularly. You must install all product updates and security patches as soon as possible.

Mobile Device Security Features

Your Apple mobile device offers these security features:

Architecture Overview

The following diagram illustrates the various states of the appliance monitor application.

image:Diagram showing the appliance monitor screens.