uCosminexus Application Server, Security Management Guide

[Contents][Index][Back][Next]

4.9.2 Considering the system setup procedures

This subsection gives examples of the system setup procedures to be written in the System Setup Procedure document. When preparing a System Setup Procedure document, refer to these sample procedures.

To set up a secure system, Smart Composer functionality commands and server management commands are used. In addition, commands that create an audit log entry should be used for all operations. When adding an operation other than those described here to the work procedure document, use commands that create audit log entries. For details about commands that create audit log entries, see 6.6 List of commands and operations for outputting audit log entries, in the uCosminexus Application Server Operation, Monitoring, and Linkage Guide.

Note that all procedures described in this section are to be performed by the System administrator.

Organization of this subsection
(1) Installing hardware
(2) Installing the OS
(3) Starting system management
(4) Configuring settings for audit log output
(5) Configuring the load balancer and database
(6) Configuring the management server
(7) Defining the configuration of the Web system
(8) Preparing the Web system
(9) Configuring the resource adapter
(10) Verifying the J2EE application
(11) Configuring the J2EE application
(12) Starting the Web system
(13) Disabling unnecessary functions
(14) Registering the System operator

(1) Installing hardware

Hardware should be installed by the System administrator. The procedure for installing hardware is as follows:

  1. Enter the server area, which is physically isolated from the outside, in accordance with the Entry and Exit Procedure document.
  2. Install the hardware for running the system and a firewall within the server area.

In the System Setup Procedure document, include detailed procedures for installing the hardware and the firewall.

(2) Installing the OS

The OS to be used on the system should be installed by the System administrator. The procedure for installing the OS is as follows:

  1. Install the OS and configure the settings necessary for network connection, including the IP address and host name settings.
  2. Apply the necessary security patches to the system.
  3. Install the software necessary for the system and set the environment variables.
  4. Create an OS account for the System administrator and assign administrator privileges to the account.
  5. Create an OS account for the Auditor and use a secure means to notify the Auditor of the account.

(3) Starting system management

The System administrator logs into the OS using the System administrator account created in step (2) Installing the OS.

(4) Configuring settings for audit log output

On the management server and application server terminals, the System administrator configures the audit log output settings. The procedure for configuring the audit log output settings is as follows:

  1. Decide the size of the audit log file, based on the system configuration.
  2. Assign the System administrator and System operator permission to read and write to the audit log file. Also, assign the Auditor permission to read the audit log file.
  3. Update the audit log definition file (auditlog.properties) using the information determined or set in steps 1 and 2.
  4. Create the audit log output directory specified in the audit log definition file.
  5. Assign the System administrator and System operator permission to read and write to the audit log output directory created in step 4. Also, assign the Auditor permission to read the audit log output directory created in step 4.
  6. Execute the setup command (auditsetup command).

(5) Configuring the load balancer and database

The System administrator should install the load balancer and database within the server area and configure the machines.

In the System Setup Procedure document, include detailed procedures for configuring the load balancer and database.

(6) Configuring the management server

The System administrator should initialize the management server. The procedure for configuring the management server is as follows:

  1. In the mngsvrctl command, specify the argument setup to set up Management Server, and then configure the management user account for Management Server.
  2. In the mngautorun command, specify the argument server and the -sync option to configure Management Server to start automatically.

(7) Defining the configuration of the Web system

The System administrator should define the configuration of the Web system. The procedure for defining the configuration of the Web system is as follows:

  1. In the mngsvrctl command, specify the argument start and the -sync option to start Management Server.
  2. Edit and save the Easy Setup definition file.
  3. In the adminagentctl command, specify the -sync option to start Administration Agent on each application server.
  4. On the management server, use the cmx_build_system command to set up the Web system.

(8) Preparing the Web system

The System administrator should use the appropriate Smart Composer functionality commands on the administrator terminal of the management server to prepare the Web system. The procedure for preparing the Web system is as follows:

  1. Use the cmx_start_target command to set the Web system to the standby state.
  2. Use the cmx_list_status command to confirm that the service unit in the Web system is in the standby state.

(9) Configuring the resource adapter

The System administrator should use server management commands on the administrator terminal of the management server to configure the resource adapter that is necessary for applications to link with the database. The procedure for configuring a resource adapter is as follows:

  1. From the following directory, copy a Connector property file template for the resource adapter to be used.
    In Windows
    Cosminexus-installation-directory\CC\admin\templates\
    In UNIX
    /opt/Cosminexus/CC/admin/templates/
  2. Edit the Connector property file template copied in step 1.
  3. Use the cjimportres command to import the resource adapter.
  4. Use the cjsetresprop command to incorporate the edited contents of the Connector property file into the resource adapter.
  5. Use the cjdeployrar command to deploy the resource adapter.
  6. Use the cjtestres command to test the resource adapter connection.

(10) Verifying the J2EE application

The System administrator should verify that the countermeasures described in 4.8.2 Countermeasures to be implemented against expected threats are implemented in the J2EE application. The countermeasures to be verified are as follows:

Specifically, confirm that the J2EE application meets the following specifications:

(11) Configuring the J2EE application

The System administrator should use server management commands on the administrator terminal of the management server to configure the J2EE application. The procedure for configuring the J2EE application is as follows:

  1. Use the cjimportapp command to import the J2EE application.
  2. Use the cjgetappprop command to obtain the application integrated property file.
  3. Edit the application integrated property file obtained in step 2.
  4. Use the cjsetappprop command to incorporate the edited contents of the application integrated property file into the J2EE application.
    Note
    This describes how to configure a J2EE application without runtime information. To configure a J2EE application that contains runtime information, after importing the J2EE application in step 1, use the cjstopapp command to stop the J2EE application, and then proceed to step 2.

(12) Starting the Web system

The System administrator should use the appropriate Smart Composer functionality commands and server management commands on the administrator terminal of the management server to start the Web system. The procedure for starting the Web system is as follows:

  1. Use the cjstartrar command to start the resource adapter.
  2. Use the cjstartapp command to start the J2EE application.
  3. Use the cmx_start_target command to set the service unit within the Web system to a running state.

(13) Disabling unnecessary functions

To prevent unauthorized users from using an unnecessary function, disable it. Specifically, the System administrator should change the command execution permissions or delete the files that are necessary to execute the command. The table below shows the functions that need to be disabled for Windows and UNIX respectively.

Table 4-4 Functions that need to be disabled (for Windows)

Function name Target directory Target file Action
Cosminexus HTTP Server function for GUI server management Cosminexus-installation-directory\httpsd adm-httpsd.exe Deny execution permission to any user other than the System administrator.
Cosminexus HTTP Server command for editing password files Cosminexus-installation-directory\httpsd\bin htpasswd.exe Deny execution permission to any user other than the System administrator.
CTM function for changing the number of concurrent schedule queues Cosminexus-installation-directory\CTM\bin ctmchpara.exe Deny execution permission to any user other than the System administrator.
CTM function for displaying and deleting CTM domain information Cosminexus-installation-directory\CTM\bin ctmdminfo.exe Deny execution permission to any user other than the System administrator.
CTM function for blocking schedule queues Cosminexus-installation-directory\CTM\bin ctmholdque.exe Deny execution permission to any user other than the System administrator.
CTM function for outputting version information on executable files and libraries Cosminexus-installation-directory\CTM\bin ctmjver.exe Deny execution permission to any user other than the System administrator.
CTM function for editing and outputting messages Cosminexus-installation-directory\CTM\bin ctmlogcat.exe Deny execution permission to any user other than the System administrator.
CTM function for outputting schedule queue information Cosminexus-installation-directory\CTM\bin ctmlsque.exe Deny execution permission to any user other than the System administrator.
CTM function for unblocking schedule queues Cosminexus-installation-directory\CTM\bin ctmrlesque.exe Deny execution permission to any user other than the System administrator.
CTM function for editing and outputting operating statistics Cosminexus-installation-directory\CTM\bin ctmstsed.exe Deny execution permission to any user other than the System administrator.
CTM function for forced output of buffer contents to a file Cosminexus-installation-directory\CTM\bin ctmstsflush.exe Deny execution permission to any user other than the System administrator.
CTM function for outputting version information on executable files and libraries Cosminexus-installation-directory\CTM\bin ctmver.exe Deny execution permission to any user other than the System administrator.
PRF function for editing and outputting performance analysis trace information Cosminexus-installation-directory\PRF\bin cprfed.exe Deny execution permission to any user other than the System administrator.
PRF function for forced output of buffer contents to a file Cosminexus-installation-directory\PRF\bin cprfflush.exe Deny execution permission to any user other than the System administrator.
PRF function for displaying and changing trace acquisition levels Cosminexus-installation-directory\PRF\bin cprflevel.exe Deny execution permission to any user other than the System administrator.
Commands used by Management Server Cosminexus-installation-directory\manager\bin mngsvrutil.exe Deny execution permission to any user other than the System administrator.
Cosminexus-installation-directory\manager\bin mstrexport.exe Deny execution permission to any user other than the System administrator.
Cosminexus-installation-directory\manager\bin mstrimport.exe Deny execution permission to any user other than the System administrator.
Cosminexus-installation-directory\manager\bin ssoexport.exe Deny execution permission to any user other than the System administrator.
Cosminexus-installation-directory\manager\bin ssogenkey.exe Deny execution permission to any user other than the System administrator.
Cosminexus-installation-directory\manager\bin ssoimport.exe Deny execution permission to any user other than the System administrator.
Cosminexus-installation-directory\manager\bin uachpw.exe Deny execution permission to any user other than the System administrator.
Cosminexus-installation-directory\manager\bin mngsvr_adapter_setup.exe Avoid use of the command.
Cosminexus-installation-directory\manager\bin Adapter_HITACHI_COSMINEXUS_MANAGER.exe Deny execution permission to any user other than the System administrator.
Cosminexus-installation-directory\manager\externals\jp1\mngsvrmonitor mngsvr_monitor_setup.exe Avoid use of the command.
Management portal Cosminexus-installation-directory\manager\containers\m\webapps\mngsvr index.jsp Delete the file.
Cosminexus-installation-directory\manager\containers\m\webapps\mngsvr login.jsp Delete the file.

Table 4-5 Functions that need to be disabled (for UNIX)

Function name Target directory Target file Action
Cosminexus HTTP Server function for GUI server management /opt/hitachi/httpsd/sbin adminctl Deny execution permission to any user other than the System administrator.
/opt/hitachi/httpsd/sbin adm-httpsd Deny execution permission to any user other than the System administrator.
Cosminexus HTTP Server command for editing password files /opt/hitachi/httpsd/bin htpasswd Deny execution permission to any user other than the System administrator.
CTM function for changing the number of concurrent schedule queues /opt/Cosminexus/CTM/bin ctmchpara Deny execution permission to any user other than the System administrator.
CTM function for displaying and deleting CTM domain information /opt/Cosminexus/CTM/bin ctmdminfo Deny execution permission to any user other than the System administrator.
CTM function for blocking schedule queues /opt/Cosminexus/CTM/bin ctmholdque Deny execution permission to any user other than the System administrator.
CTM function for outputting version information on executable files and libraries /opt/Cosminexus/CTM/bin ctmjver Deny execution permission to any user other than the System administrator.
CTM function for editing and outputting messages /opt/Cosminexus/CTM/bin ctmlogcat Deny execution permission to any user other than the System administrator.
CTM function for outputting schedule queue information /opt/Cosminexus/CTM/bin ctmlsque Deny execution permission to any user other than the System administrator.
CTM function for unblocking schedule queues /opt/Cosminexus/CTM/bin ctmrlesque Deny execution permission to any user other than the System administrator.
CTM function for editing and outputting operating statistics /opt/Cosminexus/CTM/bin ctmstsed Deny execution permission to any user other than the System administrator.
CTM function for forced output of buffer contents to a file /opt/Cosminexus/CTM/bin ctmstsflush Deny execution permission to any user other than the System administrator.
CTM function for outputting version information on executable files and libraries /opt/Cosminexus/CTM/bin ctmver Deny execution permission to any user other than the System administrator.
PRF function for editing and outputting performance analysis trace information /opt/Cosminexus/PRF/bin cprfed Deny execution permission to any user other than the System administrator.
PRF function for forced output of buffer contents to a file /opt/Cosminexus/PRF/bin cprfflush Deny execution permission to any user other than the System administrator.
PRF function for displaying and changing trace acquisition levels /opt/Cosminexus/PRF/bin cprflevel Deny execution permission to any user other than the System administrator.
Commands used by Management Server /opt/Cosminexus/manager/bin mngsvrutil Deny execution permission to any user other than the System administrator.
/opt/Cosminexus/manager/bin mstrexport Deny execution permission to any user other than the System administrator.
/opt/Cosminexus/manager/bin mstrimport Deny execution permission to any user other than the System administrator.
/opt/Cosminexus/manager/bin ssoexport Deny execution permission to any user other than the System administrator.
/opt/Cosminexus/manager/bin ssogenkey Deny execution permission to any user other than the System administrator.
/opt/Cosminexus/manager/bin ssoimport Deny execution permission to any user other than the System administrator.
/opt/Cosminexus/manager/bin uachpw Deny execution permission to any user other than the System administrator.
/opt/Cosminexus/manager/bin mngsvr_adapter_setup Deny execution permission to any user other than the System administrator.
/opt/Cosminexus/manager/bin Adapter_HITACHI_COSMINEXUS_MANAGER Deny execution permission to any user other than the System administrator.
Management portal /opt/Cosminexus/manager/containers/m/webapps/mngsvr index.jsp Delete the file.
/opt/Cosminexus/manager/containers/m/webapps/mngsvr login.jsp Delete the file.

(14) Registering the System operator

The System administrator should use OS functions and Smart Composer functionality commands on the administrator terminal of the management server to set the user ID and password for the System operators. The System administrator should notify the System operators of user IDs and passwords set for them. The procedure for registering System operators is as follows:

  1. Use the appropriate OS function to set the OS user ID and password for the System operator.
  2. Use the appropriate OS function to deny administrator privileges to the System operator.
  3. Use the cmx_admin_passwd command to replace the management user ID and password of the System administrator on Management Server with those of the System operator.
  4. Use a safe means to notify the System operator of the user ID and password set in steps 1 and 3.

[Contents][Back][Next]

[Trademarks]

All Rights Reserved. Copyright (C) 2013, Hitachi, Ltd