Oracle netra X5-2 Скачать руководство пользователя

Страница: 21 / 22

Data Protection and Security

string. Attackers can query a community to draw a very complete network map and possibly

modify management information base (MIB) values.

■

Always log out after using the system controller if the system controller uses a browser

interface.

■

Disable unnecessary network services, such as Transmission Control Protocol (TCP) or

Hypertext Transfer Protocol (HTTP). Enable necessary network services and configure

these services securely.

■

Create a banner message that appears at login to state that unauthorized access is prohibited.

You can inform users of any important policies or rules. The banner can be used to warn

users of special access restrictions for a given system, or to remind users of password

policies and appropriate use.

■

Use access control lists to apply restrictions, where appropriate.

■

Set time-outs for extended sessions and set privilege levels.

■

Use authentication, authorization, and accounting features for local and remote access to a

switch.

■

Use these services in very secure environments as they are secured by certificates and other

forms of strong encryption to protect the channel:

■

Active Directory

■

LDAP/SSL (Lightweight Directory Access Protocol/Secure Socket Layer)

■

Use these services on private, secure networks where there are no suspected malicious

users:

■

RADIUS (Remote Authentication Dial In User Service)

■

(Terminal Access Controller Access-Control System)

■

Use the port mirroring capability of the switch for intrusion detection system (IDS) access.

■

Implement port security to limit access based upon a MAC address. Disable auto-trunking

on all ports.

For more information about network security, refer to the

Oracle ILOM Security Guide

which is part of the Oracle ILOM documentation library. You can find the Oracle ILOM

documentation at:

http://www.oracle.com/goto/ILOM/docs

Data Protection and Security

Follow these guidelines to maximize data protection and security:

■

Back up important data using devices such as external hard drives or USB storage devices.

Store the backed-up data in a second, off-site, secure location.

Maintaining a Secure Environment

Содержание netra X5-2

Страница 1: ...Oracle Server X5 2 Security Guide Part No E48323 03 May 2015 ...

Страница 2: ......

Страница 3: ...rmation management applications It is not developed or intended for use in any inherently dangerous applications including applications that may create a risk of personal injury If you use this software or hardware in dangerous applications then you shall be responsible to take all appropriate fail safe backup redundancy and other measures to ensure its safe use Oracle Corporation and its affiliat...

Страница 4: ...n des informations Ce logiciel ou matériel n est pas conçu ni n est destiné à être utilisé dans des applications à risque notamment dans des applications pouvant causer un risque de dommages corporels Si vous utilisez ce logiciel ou ce matériel dans le cadre d applications dangereuses il est de votre responsabilité de prendre toutes les mesures de secours de sauvegarde de redondance et autres mesu...

Страница 5: ... Security 12 Oracle Hardware Management Pack Security 14 Planning a Secure Environment 15 Password Protection 15 Operating System Security Guidelines 16 Network Switches and Ports 16 VLAN Security 17 InfiniBand Security 17 Maintaining a Secure Environment 19 Power Control 19 Asset Tracking 19 Updates for Software and Firmware 20 Network Security 20 Data Protection and Security 21 Log Maintenance 2...

Страница 6: ...6 Oracle Server X5 2 Security Guide May 2015 ...

Страница 7: ...n Change all default passwords when installing a new system Most types of equipment use default passwords such as changeme that are widely known and could allow unauthorized access to hardware or software Refer to the documentation that came with your software to enable any security features available for the software Install servers and related equipment in a locked restricted access room If equi...

Страница 8: ...lege levels for users Authorization Authorization allows administrators to control what tasks or privileges a user may perform or use Personnel can only perform the tasks and use the privileges that have been assigned to them Authorization refers to restrictions placed on personnel to work with hardware and software Allow personnel to work only with hardware and software that they are trained and ...

Страница 9: ...orded on cards modules and motherboards and can be used for inventory purposes To detect and track components provide a security mark on all significant items of computer hardware such as FRUs and CRUs Use special ultraviolet pens or embossed labels Keep hardware activation keys and licenses in a secure location that is easily accessible to the system administrator especially during system emergen...

Страница 10: ...10 Oracle Server X5 2 Security Guide May 2015 ...

Страница 11: ... com goto x86AdminDiag docs The following information describes security issues related to Oracle System Assistant Oracle System Assistant contains a bootable root environment Oracle System Assistant is an application that runs on a preinstalled internal USB flash drive Oracle System Assistant is built on top of a bootable Linux root environment Oracle System Assistant also provides the ability to...

Страница 12: ... the host operating system However if the security implications described above are unacceptable or if the tool is not needed Oracle System Assistant can be disabled After disabling Oracle System Assistant the USB storage device is no longer accessible to the host operating system and users will be unable to boot into Oracle System Assistant You can disable Oracle System Assistant from either the ...

Страница 13: ...s To protect your system from unwanted network intrusions do not establish a serial connection serial port to Oracle ILOM through any type of network redirection device such as a terminal server unless the server has sufficient access controls In addition certain Oracle ILOM functions such as password reset and the Preboot menu are only made available using the physical serial port Connecting the ...

Страница 14: ...s Oracle Hardware Management Pack itself does not contain an SNMP agent For Linux a module is added to the net snmp agent For Oracle Solaris a module is added to the Oracle Solaris Management Agent For Microsoft Windows the Plugin extends the native SNMP service Any security settings related to SNMP for the Oracle Hardware Management Pack are determined by the settings of the native SNMP agent or ...

Страница 15: ...quirements that pertain to your system and specific environment Password Protection Passwords are an important aspect of security since poorly chosen passwords could result in unauthorized access to company resources Implementing password management best practices ensures that users adhere to a set of guidelines for creating and protecting their passwords Typical components of a password policy sh...

Страница 16: ...ng system To find the Security Guide document for an Oracle operating system go to the Oracle operating system documentation library Operating System Link Oracle Solaris OS http www oracle com technetwork documentation solaris 11 192991 html Oracle Linux OS http www oracle com technetwork documentation ol 1 1861776 html Oracle VM http www oracle com technetwork documentation vm 096300 html For inf...

Страница 17: ...disables a specified MAC address from connecting to a switch MAC Learning uses the knowledge about each switch port s direct connections so that the network switch can set security based on current connections VLAN Security If you set up a virtual local area network VLAN remember that VLANs share bandwidth on a network and require additional security measures Separate sensitive clusters of systems...

Страница 18: ...and Security Note that partitioning does not protect an InfiniBand fabric Partitioning only offers InfiniBand traffic isolation between virtual machines on a host 18 Oracle Server X5 2 Security Guide May 2015 ...

Страница 19: ...ments that pertain to your system and specific environment Power Control You can use software to turn on and off power to some Oracle systems The power distribution units PDUs for some system cabinets can be enabled and disabled remotely Authorization for these commands is typically set up during system configuration and is usually limited to system administrators and service personnel Refer to yo...

Страница 20: ... and might require patches and firmware updates You can find software updates and security patches on the My Oracle Support web site at http support oracle com Network Security After the networks are configured based on security principles regular review and maintenance are needed Follow these guidelines to secure local and remote access to your systems Limit remote configuration to specific IP ad...

Страница 21: ...d remote access to a switch Use these services in very secure environments as they are secured by certificates and other forms of strong encryption to protect the channel Active Directory LDAP SSL Lightweight Directory Access Protocol Secure Socket Layer Use these services on private secure networks where there are no suspected malicious users RADIUS Remote Authentication Dial In User Service TACA...

Страница 22: ...s of such sensitivity that the only proper sanitation method is physical destruction of the hard drive by means of pulverization or incineration Organizations are strongly encouraged to refer to their data protection policies to determine the most appropriate method to sanitize hard drives Caution Disk wiping software might not be able to delete some data on modern hard drives especially solid sta...

Результаты поиска

Содержание netra X5-2

Отзывы:

Похожие инструкции для netra X5-2

Бренды по названию

Популярные бренды

Oracle netra X5-2, Руководство по безопасности

Результаты поиска

Содержание netra X5-2

Отзывы:

Похожие инструкции для netra X5-2

Бренды по названию

Популярные бренды