Deployment

We have had our operations staff prepping the environment, setting up policies, procedures, and products. They have been testing development builds and are starting to track change management requests. We have set up our management and monitoring products and have hired an external security consulting firm to perform a suite of penetration tests on our hosting environment. We have also applied all of the best practices mentioned throughout the book related to the environment. Everything is now locked down and ready for production support. We can now deploy our application to production.

Configuration

A critical step in securing the environment for production is configuration. Configuration management is always a tedious and time-consuming task. It applies to all aspects of the environment, just like security. It is also the basis of a security infrastructure because poor configuration is blamed for a large amount of security holes. A poorly configured router or firewall is more of a security problem than not having one at all, because it provides a false sense of security.

Intrusion Detection Systems (IDSs) are one way of managing host configurations. They do not necessarily provide configuration management, but they are good at reporting when a file in a file system has been added, changed, or deleted. Most host-based attacks involve changes to one or more files, either to open up additional holes or to compromise the system in a way that the initial penetration is unable to achieve. An IDS can detect this change and notify an administrator, who can then take corrective action.

Monitoring

We are also going to use our IDS to monitor our network for malicious activity. The IDS can detect an attack in progress and notify our administrators. Depending on your IDS, it may also be able to react to the attack and take proactive action such as blocking the IP address of the attacker.

In addition to network monitoring, we need to monitor our host and the application itself. For the host, we need to monitor log files, but we also need to monitor resource consumption. An application can often be taken down by the most mundane of factors, such as running out of hard disk space. There are many enterprise management tools. Many of these tools provide a range of sophisticated monitoring capabilities with the ability to set alarms and thresholds and the ability to provide a number of notification mechanisms.

Our eRewards portal application itself will be monitored using JMX interfaces of the J2EE platform. We built the ability to declaratively define the attributes and operations we want to monitor and to set alarms and notification options on the business components through the MBeans framework provided by the J2EE platform. This allows us to monitor various aspects, such as security, within our application.

Auditing

The last step in a successful deployment of our portal is ongoing audits of the system. Both financial and security audits are part of our business requirements and provide a sound means of ensuring security requirements are being met throughout the lifetime of the application.

For our auditing, we have brought in a security auditor to provide auditing of the network, host system, and application-level security mechanisms and infrastructure. This will provide us with the end-to-end security architecture verification that ensures we are adequately protected. We can now rest assured that our application is sufficiently secure and will remain so throughout its life cycle. While there is no guarantee that we are protected from all attacks, we are certain we have taken all the necessary steps to provide the level of security defined by our business requirements and all known threats and vulnerabilities