Set strong passwords for the Administrator and any other operating system accounts that have any DIVAnet administrator or service roles assigned to them. This includes:
diva, divanetsvc, and Oracle User IDs if being used
Any disk administrative accounts
Do not use a local administrator operating system account, instead assign roles as needed to other user accounts.
Use site-specific certificates for each DIVAnet installation, and define a strong password for the Oracle database and private keystore. Set a strong password for the Oracle database operating system login.
Install firewall software on every DIVAnet system and apply the default DIVAnet port rules. Restrict access to the DIVAnet API socket (tcp 7101) to IPs that require access using firewall rules. Perform this step with DIVAnet's Access Rules.
Install operating system and DIVAnet updates on a periodic basis since they include security patches.
Install antivirus and exclude the DIVAdirector processes and storage for performance reasons.
Best practices dictate segregation of FC disks and FC tape drives either physically or through FC Zoning so that disks and tape devices do not share the same HBA port. This security practice helps prevent loss-of-data accidents resulting from accidental overwriting important data.
Configure an appropriate set of backups for the DIVAnet configuration and database. Backups are part of security and provide a way of restoring data lost either accidentally, or through some breach. Your backup should include some policy while being transported to an off-site location. Backups need to be protected to the same degree as DIVAnet disks.