Recommended Deployment Topologies

Installing SAM-QFS

This section describes how to install and configure an infrastructure component securely.

For information about installing SAM-QFS, see Chapter 5, Installing Sun QFS and SAM-QFS, in Sun QFS and Sun Storage Archive Manager 5.3 Installation Guide.

Consider the following points when installing and configuring SAM-QFS:

• Separate metadata network – To connect SAM-QFS clients to the MDS servers, provide a separate TCP/IP network and switch hardware that is not connected to any WAN. Because the metadata traffic is implemented by using TCP/IP, an external attack on this traffic is theoretically possible. Configuring a separate metadata network mitigates this risk and also provides enhanced performance. The improved performance is achieved by providing a guaranteed data path to the metadata. If a separate metadata network is infeasible, at least deny traffic to the SAM-QFS ports from the external WAN and any untrusted hosts on the network. See Restrict Network Access to Critical Services.

• FC zoning – Use FC zoning to deny access to the SAM-QFS disks from any server that does not require access to the disks. Preferably, use a separate FC switch to physically connect only to the servers that require access.

• Safeguard SAN disks configuration access – SAN RAID disks can usually be accessed for administrative purposes by means of TCP/IP or more typically HTTP. You must protect the disks from external access by limiting the administrative access to SAN RAID disks to systems only within a trusted domain. Also, change the default password on the disk arrays.

• Install the SAM-QFS package – First, install only those packages that you require. For example, if you do not plan to run SAM, install only the QFS packages.

  The default SAM-QFS file and directory permissions and owners should not be changed after installation without considering the security implications of such changes.

• Client access – If you plan to configure shared clients, determine which clients must have access to the file system in the hosts file. See the hosts.fs(4) man page. Configure only those hosts that require access to the particular file system being configured.

• Harden Oracle Solaris metadata server – For information about hardening the Oracle Solaris OS, see the Oracle Solaris 10 Security Guidelines and the Oracle Solaris 11 Security Guidelines. At a minimum, choose a good root password, install an up-to-date version of the Oracle Solaris OS, and keep current on patches, particularly security patches.

• Harden Linux clients – Check the Linux documentation about how to harden Linux clients. At a minimum, choose a good root password, install an up-to-date version of the Linux operating system, and keep current on patches, particularly security patches.

• SAM-QFS tape security – Prevent external access to SAM tapes from outside of SAM, or limit such access to administrators only. Use FC zoning to limit the access to tape drives to only the MDS (or potential MDS if a backup MDS is configured). Also, limit tape device file access by granting root only permissions. Unauthorized access to SAM tapes can compromise or destroy user data.

• Backups – Set up and perform backups of SAM-QFS data by using the samfsdump or qfsdump command. Limit access to dump files as is recommended for SAM tapes.

Installing Sun SAM-Remote

For information about securely installing the Sun SAM-Remote software, see Chapter 18, Using the Sun SAM-Remote Software, in Sun Storage Archive Manager 5.3 Configuration and Administration Guide.

Installing SAM-QFS Manager

For information about securely installing the SAM-QFS Manager, see Chapter 6, Installing and Configuring SAM-QFS Manager, in Sun QFS and Sun Storage Archive Manager 5.3 Installation Guide.

Post-Installation Configuration

After installing any of the SAM-QFS packages, go through the security checklist in Appendix A, Secure Deployment Checklist.