Conducting Regular Audits; Example Security Needs Analysis - Netscape DIRECTORY SERVER 6.2 - DEPLOYMENT Deployment Manual

For information about encryption methods provided in the Directory Server,
refer to "Password Storage Scheme," on page 153. For information about signing
data, refer to "Securing Connections With SSL," on page 163.

Conducting Regular Audits

As an extra security measure, you should conduct regular audits to verify the
efficiency of your overall security policy. You can do this by examining the log files
and the information recorded by the SNMP agents.
For more information about SNMP, refer to Netscape Directory Server
Administrator's Guide.

Example Security Needs Analysis

The examples provided in this section illustrate how the imaginary ISP
company
example.com
's business is to offer web hosting and internet access. Part of
example.com
's activity is to host the directories of client companies. It also
example.com
provides internet access to a number of individual subscribers.
Therefore,
example.com
directory:
• internal information
example.com
• Information belonging to corporate customers
• Information pertaining to individual subscribers
needs the following access controls:
example.com
• Provide access to the directory administrators of hosted companies
( and
example_a example_b
• Implement access control policies for hosted companies directory
information.
• Implement a standard access control policy for all individual clients who
use
example.com
• Deny access to
example.com
• Grant read access to
analyzes its security needs.
has three main categories of information in its
) to their own directory information.
for internet access from their homes.
's corporate directory to all outsiders.
's directory of subscribers to the world.
example.com
Analyzing Your Security Needs
Chapter 7 Designing a Secure Directory 137