This chapter outlines the planning process for a secure installation and describes several recommended deployment topologies for the systems.
To better understand security needs, the following questions must be asked:
You can protect many of the resources in the production environment. Consider the type of resources that you want to protect when determining the level of security to provide. When using DIVAdirector, protect the following resources:
There are proxy folders containing low resolution clips. They are primarily on local or remote disks connected to the DIVAdirector system. Independent access to these disks (not through DIVAdirector) presents a security risk. This type of external access might be from a rogue system that reads or writes to these disks, or from an internal system that accidentally provides access to these disk devices.
There are Database Disk and Backup Disk resources used to build DIVAdirector. They are typically local or remote disk connected to the DIVAdirector systems. Independent access to these disks (not through DIVAdirector) presents a security risk. This type of external access might be from a rogue system that reads or writes to these disks, or from an internal system that accidentally provides access to these disk devices.
DIVAdirector system configuration settings must be protected from operating system (OS) level non-administrator users. In general, these settings are protected automatically by OS level administrative users. Note that making the configuration files writable to non-administrative OS users presents a security risk. Sensitive files encompass all application configuration files contained in the installation directory including:
www\Web.config
Api\Oracle.DIVAdirector.Api.exe.config
TaskManager\Oracle.DIVAdirector.TaskManager.exe.config
cmgserver\cmgserver.ini