Security Considerations for Sentinel Log Manager
2
13
no
vd
ocx
(e
n)
19
Fe
bru
a
ry
20
10
2
Security Considerations for
Sentinel Log Manager
This section provides specific instructions on how to securely install, configure, and maintain
Novell
®
Sentinel
TM
Log Manager.
Section 2.1, “Securing Communication Across the Network,” on page 13
Section 2.2, “Securing Users and Passwords,” on page 16
Section 2.3, “Securing Sentinel Data,” on page 17
Section 2.4, “Securing the Operating System,” on page 19
Section 2.5, “Auditing Sentinel,” on page 20
Section 2.6, “Generating an SSL Certificate for the Server,” on page 20
2.1 Securing Communication Across the
Network
The various components of Sentinel Log Manager communicate across the network, and there are
different types of communication protocols used throughout the system. All of these communication
mechanisms affect the security of your system.
Section 2.1.1, “Communication between Sentinel Log Manager Processes,” on page 13
Section 2.1.2, “Communication between Sentinel Log Manager and the Event Source Manager
Client Application,” on page 14
Section 2.1.3, “Communication between the Server and the Database,” on page 15
Section 2.1.4, “Communication between the Collector Managers and Event Sources,” on
page 15
Section 2.1.5, “Communication with Web Browsers,” on page 15
Section 2.1.6, “Communication between the Database and Other Clients,” on page 15
Section 2.1.7, “Communication between Sentinel Log Manager and NFS/CIFS Archive
Servers,” on page 16
2.1.1 Communication between Sentinel Log Manager
Processes
Sentinel Log Manager processes include the Sentinel Log Manager server, Tomcat, and Collector
Manager. They communicate with each other by using ActiveMQ*.
The communication between these server processes is by default over SSL via the ActiveMQ
message bus. The processes use SSL by reading the following information in
<
Install_Directory>/config/configuration.xml
:
Summary of Contents for SENTINEL LOG MANAGER 1.0.0.5 - 03-31-2010
Page 4: ...4 Sentinel Log Manager 1 0 0 4 Administration Guide novdocx en 19 February 2010 ...
Page 46: ...46 Sentinel Log Manager 1 0 0 4 Administration Guide novdocx en 19 February 2010 ...
Page 74: ...74 Sentinel Log Manager 1 0 0 4 Administration Guide novdocx en 19 February 2010 ...
Page 140: ...140 Sentinel Log Manager 1 0 0 4 Administration Guide novdocx en 19 February 2010 ...
Page 146: ...146 Sentinel Log Manager 1 0 0 4 Administration Guide novdocx en 19 February 2010 ...
Page 148: ...148 Sentinel Log Manager 1 0 0 4 Administration Guide novdocx en 19 February 2010 ...
Page 158: ...158 Sentinel Log Manager 1 0 0 4 Administration Guide novdocx en 19 February 2010 ...
Page 166: ...166 Sentinel Log Manager 1 0 0 4 Administration Guide novdocx en 19 February 2010 ...
Page 168: ...168 Sentinel Log Manager 1 0 0 4 Administration Guide novdocx en 19 February 2010 ...