The following principles are fundamental to using any application securely.
One of the principles of good security practice is to keep all software versions and patches up to date. You will be notified when updates are available for download from the Apple App Store. You configure the latest version of the appliance monitor using the information in this guide and the Sun ZFS Appliance Monitor Configuration Guide.
You can use the appliance monitor anywhere there is Internet connectivity. In most cases, the appliance will be behind a firewall within a corporate network, restricting access from outside sources. You will need to download a VPN client for corporate network access. The appliance monitor is capable of network communication within a secure VPN session.
The principle of least privilege states that users should be given the least amount of privilege to perform their jobs. Over ambitious granting of responsibilities, roles, grants, and so forth, especially early in an organization’s life cycle when people are few and work needs to be done quickly, often leaves a system wide open for abuse. Because the appliance monitor is only a monitoring tool, you cannot perform tasks that alter the state of the appliance.
Limit privileges as much as possible. Give users only the access necessary to perform their work. Review user privileges periodically to determine relevance to current work requirements. Rights and privileges for the user account are dictated to the appliance monitor by the appliance. In doing so, the appliance monitor inherits the rules and policies enforced by the appliance.
The appliance monitor places a strong emphasis on being able to view the health and status of a single appliance. It also scales to provide the status for an entire data center, giving you the option to drill down on a potentially problematic situation. You must regularly check for status and notifications returned by the appliance monitor to stay abreast of any potential problems that could arise in a data center.
System security relies on good security protocols, proper system configuration, and system monitoring. Auditing and reviewing audit records address system monitoring. Each component within a system has some degree of monitoring capability. Follow audit advice in this document and regularly monitor audit records.
Establish which users have access, and frequency of access, to specific system components. Monitor these components regularly.
An audit log, which contains records of login and system configuration activity, is maintained by the appliance. You can view the audit log using the appliance monitor. You should plan to regularly check the audit log for unusual or unauthorized activity.
The appliance monitor is available for download from the Apple App Store. You will be notified when a new version of the app is available and it is recommended that you apply updates when notified. Product updates, that include security-related patch updates and security alerts, will be released regularly. You must install all product updates and security patches as soon as possible.
Your Apple mobile device offers these security features:
Apple Remote Wipe. If your mobile device is lost or stolen, all settings and data can and should be deleted.
Network traffic generated by the appliance monitor will go through SSL (Secure Sockets Layer) encrypting data sent to the appliance.
The following diagram illustrates the various states of the appliance monitor application.