Skip Navigation Links | |
Exit Print View | |
Sun QFS and Sun Storage Archive Manager 5.3 Security Guide Sun QFS and Sun Storage Archive Manager 5.3 Information Library |
1. Sun QFS and Sun Storage Archive Manager Overview
2. Secure Installation and Configuration
Recommended Deployment Topologies
Post-Installation Configuration
3. Sun QFS and Sun Storage Archive Manager Security Features
To better understand your security needs, ask yourself the following questions:
Which resources am I protecting?
You can protect many of the resources in the production environment. Consider the type of resources that you want to protect when determining the level of security to provide.
When using SAM-QFS, protect the following resources:
Metadata and primary data disk – These disk resources are used to build SAM-QFS file systems. They are typically Fibre Channel (FC) connected. Independent access to these disks (not by means of SAM-QFS) presents a security risk because normal SAM-QFS file and directory permissions are bypassed. This type of external access might be from a rogue system that reads or writes the FC disks, or from an internal system that accidentally provides non-root access to raw device files.
SAM tapes – Independent access to tapes, typically in a tape library, where file data is written when staged off a SAM file system is a security risk.
SAM-QFS dump files – File system dumps that are created from samfsdump contain data and metadata. This data and metadata should be protected from access other than by the system administrator during a routine dump or restore activity.
SAM-QFS Metadata server (MDS) – SAM-QFS clients require TCP/IP access to the MDS. However, ensure that the clients are protected from external WAN access.
Configuration files and settings – SAM-QFS configuration settings must be protected from non-administrator access. In general, these settings are protected automatically by SAM-QFS when you use the SAM-QFS Manager. Note that making the configuration files writable to non-administrative users presents a security risk.
From whom am I protecting the resources?
In general, the resources described in the previous section must be protected from all non-root or non-administrator access on a configured system, or from a rogue external system that can access these resources by means of the WAN or FC fabric.
What will happen if the protections on strategic resources fail?
Protection failures against strategic resources can range from inappropriate access (access to data outside of normal SAM-QFS POSIX file permissions) to data corruption (writing to disk or tape outside of normal permissions).