2 Secure Installation

This section outlines the planning process for a secure installation and describes several recommended deployment topologies for the systems. The STA Installation and Configuration Guide and STA Administration Guide cover installation, configuration, and administration in detail.

Understand Your Environment

To better understand security needs, the following questions must be asked:

Which resources need to be protected?

For STA the host server and the associated network must be protected from unauthorized access.

From whom are the resources being protected?

STA must be protected from everyone on the Internet, external users, and unauthorized internal users.

What will happen if the protections on strategic resources fail?

As STA is a device monitoring and usage application, unauthorized access to STA will only affect STA. The monitored devices and associated data will not be affected.

Installing StorageTek Tape Analytics (STA)

STA should only be installed on systems that are within the same protected (firewalled) network infrastructure as the monitored devices, that is, libraries. Customer access controls should be enforced on the systems where STA is installed to assure restricted access to the application.

Refer to the STA Installation and Configuration Guide for installation instructions.

Post Installation Configuration

There are no post-installation configuration security changes. The configuration is set by the customer during installation.

Assign the user (admin) password.

The customer administration account password is set by the customer during the installation.

Enforce password management

Customer Corporate password management rules such as password length, history, and complexity must be applied to the administrator password.