1. Manuals
  2. Brands
  3. Oracle Manuals
  4. Server
  5. netra X5-2
  6. Security manual

Oracle X5-2 Security Manual

Hide thumbs Also See for X5-2:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Service Manual, Installation Manual
Oracle
Server X5-2 Security Guide
®
Part No: E48323-03
May 2015

Advertisement

Table of Contents
loading

Related Manuals for Oracle X5-2

Summary of Contents for Oracle X5-2

  • Page 1 Oracle Server X5-2 Security Guide ® Part No: E48323-03 May 2015...
  • Page 3 Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle.
  • Page 4 Oracle Corporation et ses affiliés déclinent toute responsabilité ou garantie expresse quant aux contenus, produits ou services émanant de tiers, sauf mention contraire stipulée dans un contrat entre vous et Oracle. En aucun cas, Oracle Corporation et ses affiliés ne sauraient être tenus pour responsables des pertes subies, des coûts occasionnés ou des dommages causés par l'accès à...

  • Page 5: Table Of Contents

    Accounting and Auditing .................. 8 Using Server Configuration and Management Tools Securely ...... 11 Oracle System Assistant Security .............. 11 Oracle ILOM Security .................. 12 Oracle Hardware Management Pack Security .............  14 Planning a Secure Environment ...............  15 Password Protection .................. 15 Operating System Security Guidelines ............... 16 Network Switches and Ports ................ 16 VLAN Security .....................
  • Page 6 Oracle Server X5-2 Security Guide • May 2015...

  • Page 7: Basic Security

    Basic Security This document provides general security guidelines to help you protect your Oracle server, server network interfaces, and connected network switches. Contact your IT Security Officer for additional security requirements that pertain to your system and specific environment. There are basic security principles that you should adhere to when using all hardware and software.

  • Page 8: Authentication

    Accounting and Auditing Accounting and auditing refer to maintaining a record of a user's activity on the system. Oracle servers have software and hardware features that allow administrators to monitor login activity and to maintain hardware inventories.
  • Page 9 Record the serial numbers of all your hardware. Use component serial numbers to track ■ system assets. Oracle part numbers are electronically recorded on cards, modules, and motherboards, and can be used for inventory purposes. To detect and track components, provide a security mark on all significant items of ■...
  • Page 10 Oracle Server X5-2 Security Guide • May 2015...

  • Page 11: Using Server Configuration And Management Tools Securely

    Oracle System Assistant Security Oracle System Assistant is a preinstalled tool that helps you to configure and update server hardware and to install supported operating systems. For information about how to use Oracle System Assistant, refer to the Oracle X5 Series Servers Administration Guide at: http://www.oracle.com/goto/x86AdminDiag/docs...

  • Page 12: Oracle Ilom Security

    Oracle System Assistant can be disabled. ■ Oracle System Assistant is a useful tool in helping to set up the server, update and configure firmware, and install the host operating system. However, if the security implications described above are unacceptable, or if the tool is not needed, Oracle System Assistant can be disabled.
  • Page 13 Oracle ILOM to default values, and to flash firmware if Oracle ILOM were to become unresponsive. Once Oracle ILOM has been reset, a user is then required to either press a button on the server (the default) or type a password. The Oracle ILOM Physical Presence property controls this behavior (check_physical_presence= true).

  • Page 14: Oracle Hardware Management Pack Security

    Management Agent SNMP Plugins, you can use SNMP to monitor Oracle servers in your data center with the advantage of not having to connect to two management points, the host and Oracle ILOM. This functionality enables you to use a single IP address (the host’s IP address) to monitor multiple servers.

  • Page 15: Planning A Secure Environment

    Planning a Secure Environment Security guidelines should be in place before the arrival of the system. After arrival, security guidelines should be periodically reviewed and adjusted to stay current with the security requirements of your organization. Use the information in these sections before and during the installation and configuration of a server and related equipment: “Password Protection”...

  • Page 16: Operating System Security Guidelines

    How to protect network-based applications ■ Security Guide documents for supported Oracle operating systems are part of the documentation library for the operating system. To find the Security Guide document for an Oracle operating system, go to the Oracle operating system documentation library:...

  • Page 17: Vlan Security

    VLAN Security Manage switches out-of-band (separated from data traffic). If out-of-band management is ■ not feasible, then dedicate a separate virtual local area network (VLAN) number for in-band management. Use the port mirroring capability of the network switch for intrusion detection system (IDS) ■...
  • Page 18 InfiniBand Security Note that partitioning does not protect an InfiniBand fabric. Partitioning only offers InfiniBand traffic isolation between virtual machines on a host. Oracle Server X5-2 Security Guide • May 2015...

  • Page 19: Maintaining A Secure Environment

    Power Control You can use software to turn on and off power to some Oracle systems. The power distribution units (PDUs) for some system cabinets can be enabled and disabled remotely. Authorization for these commands is typically set up during system configuration and is usually limited to system administrators and service personnel.

  • Page 20: Updates For Software And Firmware

    Updates for Software and Firmware You can also use wireless radio frequency identification (RFID) readers to further simplify asset tracking. An Oracle white paper, How to Track Your Oracle Sun System Assets by Using RFID, is available at: http://www.oracle.com/technetwork/articles/systems-hardware-architecture/o11- 001-rfid-oracle-214567.pdf Updates for Software and Firmware Security enhancements are introduced through new software releases and patches.

  • Page 21: Data Protection And Security

    Implement port security to limit access based upon a MAC address. Disable auto-trunking ■ on all ports. For more information about network security, refer to the Oracle ILOM Security Guide, which is part of the Oracle ILOM documentation library. You can find the Oracle ILOM documentation at: http://www.oracle.com/goto/ILOM/docs Data Protection and Security Follow these guidelines to maximize data protection and security: Back up important data using devices such as external hard drives or USB storage devices.

  • Page 22: Log Maintenance

    Use disk-wiping tools such as the Oracle Solaris format(1M) command to completely ■ erase all data from the disk drive. Alternatively, you can use physical degaussing tools, if appropriate and available.

Table of Contents