Solaris System Management (New Riders Professional Library) - page 47

   


Summary

The implementation of a new system can often be a complex task, frequently aggravated by financial constraints and pressures. The system manager should be able to offset a number of costs to the project or department requesting the implementation. The complications are much greater when a continuous operation is required, on a 24x7 basis. Staff, management, and financial considerations all play a part here and need to be resolved satisfactorily to provide the required level of service.

A new system creates a number of issues relating to its environment, such as its accommodation in the computer room, the power requirements, environmental control, and so on. All of these can have an effect on the existing systems already present in the room, so the system manager must be mindful of the current operation and must take special care to avoid disruption wherever possible.

Upgrading existing systems carries a different risk from the new installation in that an operational system is being modified. Clustered solutions, such as the Sun cluster software, greatly assist the system manager in reducing the impact on the business and eliminating downtime of the operation. This is achieved by having a number of systems share the workload so that when one is removed from the cluster to be upgraded, the others merely take on the work that was being carried out by that system. On completion of the upgrade, the system simply rejoins the cluster, and the operation continues uninterrupted.

The system manager must always consider contingency in case of a failure. Part of his preparation for an upgrade has to be the consideration of fallback plans so that he can quickly restore the system to its former state, if required. The use of a test environment helps in the evaluation of potential problems, and a full backup provides the contingency that is needed; however, the backup must be tested before declaring its integrity.

Most companies have a policy on applying patches. They either install all the patches available, install just the patches that directly affect their operation, or don't install any. I always recommend the first option of installing at least the recommended patches and the security patches; it could make a lot of difference when trying to resolve a problem via the Sun help desk.


   
   


Chapter 6. Solaris Security


Businesses around the world are making as much use as possible of Internet technologies to break into new global markets. As companies become ever more dependent on the Internet for their business relationships, the importance of computer security increases as well. More and more people and businesses are connecting every day, and with that comes more potential for security threats.

Single-site, centralized data centers, with equally centralized security requirements, are fast disappearing and are being replaced by new, modern, distributed corporations with sites not just in different towns and cities, but in different countries as well, all communicating together and sharing confidential company information. It is a system cracker's paradise if there is no security policy in place: they can just march in and wreak havoc.

Hacker or Cracker

The term hacker is usually used in the news to refer to an external malicious attacker of computer systems. Within the IT industry, however, the term cracker is used to define the malicious attacker or virus perpetrator. A hacker is someone who is not malicious but who, through unsupervised access, can often cause unintentional damage to a computer system, normally because of inexperience rather than a deliberate action. That distinction between the two concepts is used in this text.


But it's not the external cracker who actually causes the most damage; those instances are merely the most widely reported. Perhaps surprisingly, various studies have shown that by far the largest cause of security incidents comes from within: that is, someone already authorized to use the computing resources of a company, such as a disgruntled employee who was passed over for promotion or was refused a raise. This employee could do something as simple as delete important files, for example, but a more sophisticated employee could write and introduce a destructive virus into the system. The possibilities are many.

The Computer Crime and Security Survey, carried out each year in the United States by the Computer Security Institute/Federal Bureau of Investigation (CSI/FBI), analyzes and highlights the effect of computer crime/abuse. The findings clearly show a marked increase each year. To put this into perspective, Figure 6.1 shows the average financial loss suffered for the last four years as a result of computer crime. The average loss is taken from the number of companies that were able to put a dollar value on the loss encountered.

Figure 6.1. The disturbing upward trend toward computer crime highlights the need for increased computer security and incident reporting.


The system manager is responsible for maintaining the integrity of the systems that he manages and for ensuring that there is no unauthorized access to confidential data. In larger corporations, the system manager might be assisted by a dedicated computer security section, whose role is to implement a company security policy. Sadly, a large number of businesses do not have a corporate policy, and various departments implement their own ad hoc computer security, often lacking consistency and the capability to ensure that it is enforced.

This chapter aims to address some of the issues surrounding the need for better security in a Solaris environment, and it takes a brief look at some of the security products that are available, both with the Solaris operating environment and also from the public domain.


   