4.9.2 Considering the system setup procedures
This subsection gives examples of the system setup procedures to be written in the System Setup Procedure document. When preparing a System Setup Procedure document, refer to these sample procedures.
To set up a secure system, Smart Composer functionality commands and server management commands are used. In addition, commands that create an audit log entry should be used for all operations. When adding an operation other than those described here to the work procedure document, use commands that create audit log entries. For details about commands that create audit log entries, see Chapter 6 in the uCosminexus Application Server Operation, Monitoring, and Linkage Guide.
Note that all procedures described in this section are to be performed by the System administrator.
- Organization of this subsection
-
(1) Installing hardware
Hardware should be installed by the System administrator. The procedure for installing hardware is as follows:
-
Enter the server area, which is physically isolated from the outside, in accordance with the Entry and Exit Procedure document.
-
Install the hardware for running the system and a firewall within the server area.
In the System Setup Procedure document, include detailed procedures for installing the hardware and the firewall.
(2) Installing the OS
The OS to be used on the system should be installed by the System administrator. The procedure for installing the OS is as follows:
-
Install the OS and configure the settings necessary for network connection, including the IP address and host name settings.
-
Apply the necessary security patches to the system.
-
Install the software necessary for the system and set the environment variables.
-
Create an OS account for the System administrator and assign administrator privileges to the account.
-
Create an OS account for the Auditor and use a secure means to notify the Auditor of the account.
(3) Starting system management
The System administrator logs into the OS using the System administrator account created in step (2) Installing the OS.
(4) Configuring settings for audit log output
On the management server and application server terminals, the System administrator configures the audit log output settings. The procedure for configuring the audit log output settings is as follows:
-
Decide the size of the audit log file, based on the system configuration.
-
Assign the System administrator and System operator permission to read and write to the audit log file. Also, assign the Auditor permission to read the audit log file.
-
Update the audit log definition file (auditlog.properties) using the information determined or set in steps 1 and 2.
-
Create the audit log output directory specified in the audit log definition file.
-
Assign the System administrator and System operator permission to read and write to the audit log output directory created in step 4. Also, assign the Auditor permission to read the audit log output directory created in step 4.
-
Execute the setup command (auditsetup command).
(5) Configuring the load balancer and database
The System administrator should install the load balancer and database within the server area and configure the machines.
In the System Setup Procedure document, include detailed procedures for configuring the load balancer and database.
(6) Configuring the management server
The System administrator should initialize the management server. The procedure for configuring the management server is as follows:
-
In the mngsvrctl command, specify the argument setup to set up Management Server, and then configure the management user account for Management Server.
-
In the mngautorun command, specify the argument server and the -sync option to configure Management Server to start automatically.
(7) Defining the configuration of the Web system
The System administrator should define the configuration of the Web system. The procedure for defining the configuration of the Web system is as follows:
-
In the mngsvrctl command, specify the argument start and the -sync option to start Management Server.
-
Edit and save the Easy Setup definition file.
-
In the adminagentctl command, specify the -sync option to start Administration Agent on each application server.
-
On the management server, use the cmx_build_system command to set up the Web system.
(8) Preparing the Web system
The System administrator should use the appropriate Smart Composer functionality commands on the administrator terminal of the management server to prepare the Web system. The procedure for preparing the Web system is as follows:
-
Use the cmx_start_target command to set the Web system to the standby state.
-
Use the cmx_list_status command to confirm that the service unit in the Web system is in the standby state.
(9) Configuring the resource adapter
The System administrator should use server management commands on the administrator terminal of the management server to configure the resource adapter that is necessary for applications to link with the database. The procedure for configuring a resource adapter is as follows:
-
From the following directory, copy a Connector property file template for the resource adapter to be used.
- In Windows
-
Cosminexus-installation-directory\CC\admin\templates\
- In UNIX
-
/opt/Cosminexus/CC/admin/templates/
-
Edit the Connector property file template copied in step 1.
-
Use the cjimportres command to import the resource adapter.
-
Use the cjsetresprop command to incorporate the edited contents of the Connector property file into the resource adapter.
-
Use the cjdeployrar command to deploy the resource adapter.
-
Use the cjtestres command to test the resource adapter connection.
(10) Verifying the J2EE application
The System administrator should verify that the countermeasures described in 4.8.2 Countermeasures to be implemented against expected threats are implemented in the J2EE application. The countermeasures to be verified are as follows:
-
J2EE application audit log output
-
J2EE application-based user identification and authentication
-
J2EE application-based access control
Specifically, confirm that the J2EE application meets the following specifications:
-
Provides the capability for the System operator to register and delete the user IDs and passwords of end-users.
-
Provides the capability to identify and authenticate user IDs and passwords.
-
Provides the capability to control access to the services it provides.
-
Provides the capability to create entries in the audit log when a user is using its services.
(11) Configuring the J2EE application
The System administrator should use server management commands on the administrator terminal of the management server to configure the J2EE application. The procedure for configuring the J2EE application is as follows:
-
Use the cjimportapp command to import the J2EE application.
-
Use the cjgetappprop command to obtain the application integrated property file.
-
Edit the application integrated property file obtained in step 2.
-
Use the cjsetappprop command to incorporate the edited contents of the application integrated property file into the J2EE application.
- Important note
-
This describes how to configure a J2EE application without runtime information. To configure a J2EE application that contains runtime information, after importing the J2EE application in step 1, use the cjstopapp command to stop the J2EE application, and then proceed to step 2.
(12) Starting the Web system
The System administrator should use the appropriate Smart Composer functionality commands and server management commands on the administrator terminal of the management server to start the Web system. The procedure for starting the Web system is as follows:
-
Use the cjstartrar command to start the resource adapter.
-
Use the cjstartapp command to start the J2EE application.
-
Use the cmx_start_target command to set the service unit within the Web system to a running state.
(13) Disabling unnecessary functions
To prevent unauthorized users from using an unnecessary function, disable it. Specifically, the System administrator should change the command execution permissions or delete the files that are necessary to execute the command. The table below shows the functions that need to be disabled for Windows and UNIX respectively.
Function name |
Target directory |
Target file |
Action |
---|---|---|---|
Cosminexus HTTP Server function for GUI server management |
Cosminexus-installation-directory\httpsd |
adm-httpsd.exe |
Deny execution permission to any user other than the System administrator. |
Cosminexus HTTP Server command for editing password files |
Cosminexus-installation-directory\httpsd\bin |
htpasswd.exe |
Deny execution permission to any user other than the System administrator. |
CTM function for changing the number of concurrent schedule queues |
Cosminexus-installation-directory\CTM\bin |
ctmchpara.exe |
Deny execution permission to any user other than the System administrator. |
CTM function for displaying and deleting CTM domain information |
Cosminexus-installation-directory\CTM\bin |
ctmdminfo.exe |
Deny execution permission to any user other than the System administrator. |
CTM function for blocking schedule queues |
Cosminexus-installation-directory\CTM\bin |
ctmholdque.exe |
Deny execution permission to any user other than the System administrator. |
CTM function for outputting version information on executable files and libraries |
Cosminexus-installation-directory\CTM\bin |
ctmjver.exe |
Deny execution permission to any user other than the System administrator. |
CTM function for editing and outputting messages |
Cosminexus-installation-directory\CTM\bin |
ctmlogcat.exe |
Deny execution permission to any user other than the System administrator. |
CTM function for outputting schedule queue information |
Cosminexus-installation-directory\CTM\bin |
ctmlsque.exe |
Deny execution permission to any user other than the System administrator. |
CTM function for unblocking schedule queues |
Cosminexus-installation-directory\CTM\bin |
ctmrlesque.exe |
Deny execution permission to any user other than the System administrator. |
CTM function for editing and outputting operating statistics |
Cosminexus-installation-directory\CTM\bin |
ctmstsed.exe |
Deny execution permission to any user other than the System administrator. |
CTM function for forced output of buffer contents to a file |
Cosminexus-installation-directory\CTM\bin |
ctmstsflush.exe |
Deny execution permission to any user other than the System administrator. |
CTM function for outputting version information on executable files and libraries |
Cosminexus-installation-directory\CTM\bin |
ctmver.exe |
Deny execution permission to any user other than the System administrator. |
PRF function for editing and outputting performance analysis trace information |
Cosminexus-installation-directory\PRF\bin |
cprfed.exe |
Deny execution permission to any user other than the System administrator. |
PRF function for forced output of buffer contents to a file |
Cosminexus-installation-directory\PRF\bin |
cprfflush.exe |
Deny execution permission to any user other than the System administrator. |
PRF function for displaying and changing trace acquisition levels |
Cosminexus-installation-directory\PRF\bin |
cprflevel.exe |
Deny execution permission to any user other than the System administrator. |
Commands used by Management Server |
Cosminexus-installation-directory\manager\bin |
mngsvrutil.exe |
Deny execution permission to any user other than the System administrator. |
Cosminexus-installation-directory\manager\bin |
mstrexport.exe |
Deny execution permission to any user other than the System administrator. |
|
Cosminexus-installation-directory\manager\bin |
mstrimport.exe |
Deny execution permission to any user other than the System administrator. |
|
Cosminexus-installation-directory\manager\bin |
ssoexport.exe |
Deny execution permission to any user other than the System administrator. |
|
Cosminexus-installation-directory\manager\bin |
ssogenkey.exe |
Deny execution permission to any user other than the System administrator. |
|
Cosminexus-installation-directory\manager\bin |
ssoimport.exe |
Deny execution permission to any user other than the System administrator. |
|
Cosminexus-installation-directory\manager\bin |
uachpw.exe |
Deny execution permission to any user other than the System administrator. |
|
Cosminexus-installation-directory\manager\bin |
mngsvr_adapter_setup.exe |
Avoid use of the command. |
|
Cosminexus-installation-directory\manager\bin |
Adapter_HITACHI_COSMINEXUS_MANAGER.exe |
Deny execution permission to any user other than the System administrator. |
|
Cosminexus-installation-directory\manager\externals\jp1\mngsvrmonitor |
mngsvr_monitor_setup.exe |
Avoid use of the command. |
|
Management portal |
Cosminexus-installation-directory\manager\containers\m\webapps\mngsvr |
index.jsp |
Delete the file. |
Cosminexus-installation-directory\manager\containers\m\webapps\mngsvr |
login.jsp |
Delete the file. |
Function name |
Target directory |
Target file |
Action |
---|---|---|---|
Cosminexus HTTP Server function for GUI server management |
/opt/hitachi/httpsd/sbin |
adminctl |
Deny execution permission to any user other than the System administrator. |
/opt/hitachi/httpsd/sbin |
adm-httpsd |
Deny execution permission to any user other than the System administrator. |
|
Cosminexus HTTP Server command for editing password files |
/opt/hitachi/httpsd/bin |
htpasswd |
Deny execution permission to any user other than the System administrator. |
CTM function for changing the number of concurrent schedule queues |
/opt/Cosminexus/CTM/bin |
ctmchpara |
Deny execution permission to any user other than the System administrator. |
CTM function for displaying and deleting CTM domain information |
/opt/Cosminexus/CTM/bin |
ctmdminfo |
Deny execution permission to any user other than the System administrator. |
CTM function for blocking schedule queues |
/opt/Cosminexus/CTM/bin |
ctmholdque |
Deny execution permission to any user other than the System administrator. |
CTM function for outputting version information on executable files and libraries |
/opt/Cosminexus/CTM/bin |
ctmjver |
Deny execution permission to any user other than the System administrator. |
CTM function for editing and outputting messages |
/opt/Cosminexus/CTM/bin |
ctmlogcat |
Deny execution permission to any user other than the System administrator. |
CTM function for outputting schedule queue information |
/opt/Cosminexus/CTM/bin |
ctmlsque |
Deny execution permission to any user other than the System administrator. |
CTM function for unblocking schedule queues |
/opt/Cosminexus/CTM/bin |
ctmrlesque |
Deny execution permission to any user other than the System administrator. |
CTM function for editing and outputting operating statistics |
/opt/Cosminexus/CTM/bin |
ctmstsed |
Deny execution permission to any user other than the System administrator. |
CTM function for forced output of buffer contents to a file |
/opt/Cosminexus/CTM/bin |
ctmstsflush |
Deny execution permission to any user other than the System administrator. |
CTM function for outputting version information on executable files and libraries |
/opt/Cosminexus/CTM/bin |
ctmver |
Deny execution permission to any user other than the System administrator. |
PRF function for editing and outputting performance analysis trace information |
/opt/Cosminexus/PRF/bin |
cprfed |
Deny execution permission to any user other than the System administrator. |
PRF function for forced output of buffer contents to a file |
/opt/Cosminexus/PRF/bin |
cprfflush |
Deny execution permission to any user other than the System administrator. |
PRF function for displaying and changing trace acquisition levels |
/opt/Cosminexus/PRF/bin |
cprflevel |
Deny execution permission to any user other than the System administrator. |
Commands used by Management Server |
/opt/Cosminexus/manager/bin |
mngsvrutil |
Deny execution permission to any user other than the System administrator. |
/opt/Cosminexus/manager/bin |
mstrexport |
Deny execution permission to any user other than the System administrator. |
|
/opt/Cosminexus/manager/bin |
mstrimport |
Deny execution permission to any user other than the System administrator. |
|
/opt/Cosminexus/manager/bin |
ssoexport |
Deny execution permission to any user other than the System administrator. |
|
/opt/Cosminexus/manager/bin |
ssogenkey |
Deny execution permission to any user other than the System administrator. |
|
/opt/Cosminexus/manager/bin |
ssoimport |
Deny execution permission to any user other than the System administrator. |
|
/opt/Cosminexus/manager/bin |
uachpw |
Deny execution permission to any user other than the System administrator. |
|
/opt/Cosminexus/manager/bin |
mngsvr_adapter_setup |
Deny execution permission to any user other than the System administrator. |
|
/opt/Cosminexus/manager/bin |
Adapter_HITACHI_COSMINEXUS_MANAGER |
Deny execution permission to any user other than the System administrator. |
|
Management portal |
/opt/Cosminexus/manager/containers/m/webapps/mngsvr |
index.jsp |
Delete the file. |
/opt/Cosminexus/manager/containers/m/webapps/mngsvr |
login.jsp |
Delete the file. |
(14) Registering the System operator
The System administrator should use OS functions and Smart Composer functionality commands on the administrator terminal of the management server to set the user ID and password for the System operators. The System administrator should notify the System operators of user IDs and passwords set for them. The procedure for registering System operators is as follows:
-
Use the appropriate OS function to set the OS user ID and password for the System operator.
-
Use the appropriate OS function to deny administrator privileges to the System operator.
-
Use the cmx_admin_passwd command to replace the management user ID and password of the System administrator on Management Server with those of the System operator.
-
Use a safe means to notify the System operator of the user ID and password set in steps 1 and 3.