Go to main content
1/9
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
1
Overview
Product Overview
General Security Principles
Keep Software Up To Date
Restrict Network Access to Critical Services
Follow the Principle of Least Privilege
Monitor System Activity
Keep Up To Date on Latest Security Information
2
Secure Installation
Understand Your Environment
Which resources need to be protected?
From whom are the resources being protected?
What will happen if the protections on strategic resources fail?
Recommended Procedure for Securing ACSLS
Securing ACSLS Internet Communication
Secure ACSLS and Tape Libraries Behind the Corporate Firewall
ACSLS Firewall Secure Option
Ethernet Ports Used for ACSLS Communication
Configuring Firewalls Running on the ACSLS Server
Installing and Configuring Solaris
Installing and Configuring Linux
Auditing Linux Security
SELinux Security
Installing and Configuring ACSLS
Perform a Standard ACSLS Installation
Use Strong Passwords for the ACSLS User IDs
Restrict Access to ACSLS Files
Set ’root' as the Effective User ID for Three ACSLS Files
Review Settings for ACSLS Static and Dynamic Variables
Configuring WebLogic
Use the ACSLS userAdmin.sh Utility to Create and Maintain ACSLS GUI users
Using the ACSLS GUI
Install the Latest JRE Version on GUI Client Systems
Accessing the ACSLS GUI
ACSLS GUI Certificates
GUI ACSLS Demo Certificate
GUI Auto-Generated Certificate
Manually Configure a Self-Signed GUI Certificate
GUI Certificates Signed by a Third Party Signing Authority
SCI Certificate
Auto-Generated SCI Certificate
Manually Generate an SCI Self-Signed Certificate
SCI Certificates Signed by a Third Party Signing Authority
ACS Wallet
ACS Usernames and Passwords
SCI Certificate Password
3
Security Features
The Security Model
Configuring and Using Authentication
ACSLS User Authentication by the Solaris or Linux Operating Systems
ACSLS GUI User Authentication by WebLogic
Audit Considerations
Keeping Audited Information Manageable
Evaluate the purpose for auditing
Audit knowledgeably
Configuring and Using the ACSLS Audit Logs
ACSLS Log Directory
ACSLS Log/sslm Directory
Viewing ACSLS Audit Trails from the GUI's Log Viewer
View System Events from the GUI
Configuring and Using the Solaris Audit Logs
Configuring and Using the Linux Audit Logs
Configuring and Using the WebLogic Audit Logs
4
Security Considerations for Developers
Enable the Firewall Security on the Client Application's Server
A
Secure Deployment Checklist
B
References
Scripting on this page enhances content navigation, but does not change the content in any way.