2 Secure Installation

This section outlines the planning process for a secure installation and describes several recommended deployment topologies for the systems. The following will not detail the installation, configuration, and administration of the LTFS-LE application. The installation, configuration, and administration will be covered in the LTFS-LE Installation and Administration Guide 1.0.

Understand Your Environment

To better understand security needs, the following questions must be asked:

Which resources need to be protected?

For LTFS-LE, the host server and the associated network must be protected from unauthorized access

From whom are the resources being protected?

LTFS-LE must be protected from everyone on the Internet, external users, and unauthorized internal users.

What will happen if the protections on strategic resources fail?

It is possible that someone could maliciously cause data loss to tape storage with unauthorized access to LTFS-LE.

Installing Linear Tape File System – Library Edition (LTFS-LE)

LTFS-LE should only be installed on systems that are within the same protected (firewalled) network infrastructure as the monitored devices. Customer access controls should be enforced on the systems where LTFS-LE is installed to assure restricted access to the application.

Refer to the following LTFS-LE user guides for installation instructions.

Oracle LTFS-LE Planning and Installation

Post Installation Configuration

There is no post installation configuration security changes. The configuration is set by the customer during installation.

Assign the user (admin) password.

The customer administration account password is set by the customer during the installation.

Enforce password management

Customer Corporate password management rules, such as password length, history, and complexity must be applied to the administrator password.