This chapter outlines the planning process for a secure installation and describes several recommended deployment topologies for the systems.
To better understand security needs, ask the following questions:
You can protect many of the resources in the production environment. Consider the type of resources to protect when determining the level of security to provide.
When using DIVAnet, you must protect the following resources:
DIVAnet is installed on a server attached to one or more disks (either a local or remote disk directly connected to the DIVAnet system). Independent access to these disks (not through DIVAnet) presents a security risk. This type of external access might be from a rogue system that reads or writes to these disks, or from an internal system that accidentally provides access to these disk devices.
There are database software and data resources used to build DIVAnet systems. The data exists typically on local or remote disks connected to the DIVAnet systems. Independent access to these disks (not through DIVAnet) presents a security risk. This type of external access might be from a rogue system that reads or writes to these disks, or from an internal system that accidentally provides access to these disk devices.
DIVAnet uses DIVArchive Sources and Destinations, and DIVA archival systems (disk or tape) in the process of satisfying its requests. Unwarranted independent access to these server disks and system medium, which are typically controlled by DIVArchive systems, is a security risk. The Source/Destinations that are used as temporary data stores for DIVAnet copy operations, should have restricted access, and you should consider dedicating these Source/Destinations solely to DIVAnet operations - and also ensure that the transfers are encrypted or initiated over a trusted network.
DIVAnet system configuration settings must be protected from operating system level non-administrator users. In general, these settings are protected automatically by operating system level administrative users. Making the configuration files writable to non-administrative operating system users presents a security risk.
In general, the resources described in the previous section must be protected from all non-administrator access on a configured system, or from rogue external systems that can access these resources through the WAN or FC fabric.
Protection failures against strategic resources can range from inappropriate access (that is, access to data outside of normal DIVAdirector operations) to data corruption (erroneously deleting assets, or writing to disk or tape outside of normal permissions).
This section describes installation and configuration of a secure infrastructure component.
For information about installing DIVAnet, refer to the Oracle DIVAnet Installation, Configuration, and Operations Guide in the DIVAnet 2.3.0 Documentation library at:
https://docs.oracle.com/en/storage/#csm
Consider the following points when installing and configuring DIVAnet.
You should install only those DIVAnet components that you require. For example, if you plan to run only DIVAnetUI from a client computer, deselect the DIVAnet Services check box in the list of components to be installed during installation. The default DIVAnet installation directory permissions and owners should not be changed after installation without considering the security implications of such changes.
Oracle recommends that you install the ManagerAdapter component on the DIVArchive Manager system for increased system security. If external access to the DIVArchive Manager port is not needed, it is recommended to block the port using firewall software. In addition, it will often not be necessary to allow external network access to the DIVAnet DbSync WebService port.
If you connect to a remote DIVArchive instance over a WAN, ensure that you connect over a trusted network. Also, consider connecting to the site using SSL/TLS to the remote site's ManagerAdapter port.
Use FC Zoning to deny access to the DIVAnet disks connected through Fibre Channel from any server that does not require access to the disks. Preferably, use a separate FC switch to physically connect only to the servers requiring access.
SAN RAID disks can usually be accessed for administrative purposes through TCP/IP or more typically HTTP. You must protect the disks from external access by limiting the administrative access to SAN RAID disks to systems only within a trusted domain. Also, change the default password on the disk arrays.
After installing any portion of DIVAnet, go through the Security Checklist in Appendix A.