MOM Security


Security has evolved into a primary concern that can no longer be taken for granted. The inherent security in Windows Server 2003 is only as good as the services that have access to it; therefore, it is wise to perform a security audit of all systems that access information from servers. This concept holds true for management systems as well because they collect sensitive information from every server in an enterprise. This includes potentially sensitive event logs that could be used to compromise a system. Consequently, securing the MOM infrastructure should not be taken lightly.

Physically Securing MOM

Aside from software security, one of the most important forms of security is physical security. MOM servers should be physically secured behind locked doors, and login access to the console should be curtailed to help protect the critical information contained within the environment. This concept cannot be overstressed, as physical security is one of the most frequently overlooked yet most critical components of a secure infrastructure.

In addition to physical security, MOM servers should be carefully locked down at the OS level to prevent unauthorized access. This includes the creation of complex passwords for service accounts and the application of the latest service packs and security updates using the automatic update features in Windows Server 2003 to help keep the environment secure and up to date. In addition, administration of MOM security can be greatly simplified via the creation of an Active Directory group that controls MOM administration. This group can be granted admin rights to MOM servers, and users can be added as members to this group. Simplifying the administration of security often strengthens security as well because administrators take fewer security shortcuts when troubleshooting problems.

Securing MOM Agents

Each server that contains a MOM agent and forwards events to MOM DCAMs has specific security requirements. Server-level security, discussed in more detail in Chapter 12, "Server-Level Security," should be established and should include provisions for MOM data collection. All traffic between MOM components, such as the agents, the DCAMs, and the database, is encrypted automatically for security, so the traffic is inherently secured.

In addition, environments with high security requirements should investigate the use of encryption technologies such as IPSec to scramble the event IDs that are sent between agents and MOM servers, to protect against eavesdropping of MOM packets. More information on setting up IPSec can be found in Chapter 13, "Transport-Level Security."

Firewall Requirements

MOM servers that are deployed across a firewall have special considerations that must be taken into account. Port 1270, the default port for MOM communications, must specifically be opened on a firewall to allow MOM to communicate across it. In addition, MOM servers can be specifically configured to exist in a DMZ firewall configuration, as long as the proper access is granted to the managed servers from the DMZ.
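The following added example (not from the book) audits a firewall rule list so that port 1270 is opened only between the MOM server and the managed servers, and flags managed networks that have no rule at all. The addresses, the rule tuple format, and the function names are assumptions made for illustration, and the check deliberately accepts either traffic direction.

```python
import ipaddress

MOM_PORT = 1270  # default MOM communications port named in the text

# Assumptions (hypothetical addresses): one MOM server in a DMZ, two managed subnets.
MOM_SERVER = ipaddress.ip_network("192.168.50.10/32")
MANAGED_NETS = [ipaddress.ip_network("10.10.0.0/24"),
                ipaddress.ip_network("10.20.0.0/24")]

# Constructed sample rule set: (name, source, destination, port, action)
SAMPLE_RULES = [
    ("agents-to-mom", "10.10.0.0/24", "192.168.50.10/32", 1270, "allow"),
    ("legacy-any",    "0.0.0.0/0",    "192.168.50.0/24",  1270, "allow"),
    ("web",           "0.0.0.0/0",    "192.168.50.20/32", 443,  "allow"),
    ("drop-rest",     "0.0.0.0/0",    "0.0.0.0/0",        1270, "deny"),
]

def _is_managed(net):
    """True if net lies entirely inside one of the managed subnets."""
    return any(net.subnet_of(m) for m in MANAGED_NETS)

def audit_mom_rules(rules):
    """Return (too_broad, uncovered).

    too_broad: allow rules on the MOM port whose endpoints are anything other
               than the MOM server on one side and managed servers on the other.
    uncovered: managed subnets with no acceptable allow rule (at least one
               rule touching the subnet counts as coverage).
    """
    too_broad, covered = [], set()
    for name, src, dst, port, action in rules:
        if port != MOM_PORT or action != "allow":
            continue
        src_net, dst_net = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        if src_net == MOM_SERVER and _is_managed(dst_net):
            peer = dst_net
        elif dst_net == MOM_SERVER and _is_managed(src_net):
            peer = src_net
        else:
            too_broad.append(name)
            continue
        covered.update(m for m in MANAGED_NETS if peer.subnet_of(m))
    uncovered = [str(m) for m in MANAGED_NETS if m not in covered]
    return too_broad, uncovered

if __name__ == "__main__":
    broad, missing = audit_mom_rules(SAMPLE_RULES)
    print("Overly broad port 1270 rules:", broad)
    print("Managed subnets without a port 1270 rule:", missing)
```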

Service Account Security

In addition to the aforementioned security measures, security of a MOM environment can be strengthened by the addition of multiple service accounts to handle the different MOM components. For example, the DAS and consolidator can be configured to use separate service accounts, to provide for an extra layer of protection in the event that one account is compromised. The caveat to this approach, however, is that the SQL database requires an additional CAL for each service account that accesses it.




Microsoft Windows Server 2003 Unleashed (R2 Edition)
ISBN: 0672328984
EAN: 2147483647
Year: 2006
Pages: 499
