Your SlideShare is downloading. ×
  • Like
Addmi 18-appliance baseline
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Addmi 18-appliance baseline

  • 359 views
Published

 

Published in Technology , Design
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
359
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
18
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Appliance Baseline Change Control of the Appliance Itself
  • 2. Appliance Baseline Outline
    • What is Appliance Baseline
    • Where will I see it on the UI?
    • Viewing the differences
    • Controlling baseline actions
    • Updating the Baseline
  • 3. Appliance Baseline
    • The intent of the Appliance Baseline tool is to enable Atrium Discovery administrators to be alerted to any unintended or controlled configuration changes.
  • 4. Appliance Baseline Overview
    • When an appliance is installed or a change is made, a baseline of it’s configuration is established
    • When the appliance service is (re)started comparisons are made against this baseline
    • If current configuration fails to match the baseline this will be shown in the status page
    • The status page allows the choice of several actions as a remedy for failures
  • 5. Where Can I Find Appliance Baseline Status?
    • From the drop down menu on the icon bar
    • Administration > Appliance > Baseline Status
  • 6. How Do I Know If I Need to Check the Status?
    • Normal
    • Changes Detected
  • 7. Baseline Status
    • Actions are associated to severity levels
    • Scroll down to the bottom of the page to configure actions and options
  • 8. Baseline Differences (1)
    • Click on the name to view administration page for that type of check
  • 9. Baseline Differences (2)
    • Some changes will be shown directly below the status
  • 10. Baseline Differences (3)
    • Others will click through to a list of configuration changes
  • 11. View Baseline Differences
    • Click on the status link with the icon to see a side by side comparisons of changes
  • 12. Checking Baseline
    • Baseline is controlled by a number of option buttons at the base of the page
    • To force the baseline to be checked use the “Check Baseline Now” button
    • Baselines will be checked at start up and regular intervals
  • 13. Updating Baseline
    • If the change is expected the baseline should be updated
    • Baselines can be updated individually if some need investigation, or globally
  • 14. Configure Baseline Actions (1)
    • The Severity of failure can be set for each check
    • The Action to be taken on failure can also be set
  • 15. Configure Baseline Actions (2)
    • Email notification is set by default
      • Email needs to be setup on the Appliance
    • Can add more severe actions if needed
  • 16. Configure Baseline Actions (3)
    • Restrict Network Access
      • Closes all ports on the Appliance apart from those specified in the Baseline Options
      • Use with care!
    • Stop Discovery
      • Halts any active discovery
  • 17. Configure Baseline Options
    • Under Options you can configure
      • Email alerts
      • Email messages
      • Which services to allow under network access restrictions
  • 18. Configure Baseline Options - Email
    • Email Recipients
      • Enter a list of addresses, a group address is advised
    • Email Subject Template and Passed/Failed messages
      • Can be edited if required, recommend they are left at default
  • 19. Baseline Alert – Email Example
    • From: archer@tideway.com [ mailto:archer@tideway.com ]
    • Sent: 07 August 2009 21:15
    • To: Archer Admin Group
    • Subject: Foundation Baseline: Archer: FAILED (MAJOR)
    • Baseline check results are:
    • Apache Configuration : OK
    • Apache HTTPS : OK
    • Crontab : OK
    • DNS Configuration : OK
    • Appliance eth0 : OK
    • Appliance Firewall : OK
    • NTP Configuration : OK
    • NTP Running : INFO: ntpd is not configured to run at run level 5
    • Operating System : OK
    • Tideway RPM : OK
    • DataStore SoftLimit : MINOR: DataStore is 37GB which exceeds soft limit of 30GB
    • Discovery Scripts : OK
    • *
    • *
    • *
    • Login Credentials : OK
    • SNMP Credentials : OK
    • Highest severity failure was MAJOR
    • Action taken:
    • SEND_EMAIL
  • 20. Configure Baseline Options – Services to Allow
    • Services To Allow
    • All network access outbound and inbound will be blocked by the appliance firewall apart from these services
      • ssh/http/https – inbound only
      • smtp/ldap/dns – bidirectional
    • Use with great care!
  • 21. Appliance Baseline Summary
    • Appliance Baseline is used to monitor key configuration and operational properties of the Appliance
    • The severity of a check failing and the action taken as a consequence can be configured
    • When updating configuration of an Appliance remember when finished to
      • Use the Check Baseline Now option to force a baseline run
      • Use the Update Baseline/Update All Baselines to register your changes as expected
  • 22. Further Resources
    • Online Documentation:
      • http://www.tideway.com/confluence/display/81/Baseline+Configuration
    Tideway Foundation Version 7.2 Documentation Title