Addmi 18-appliance baseline


Published on

Published in: Technology, Design
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Addmi 18-appliance baseline

  1. 1. Appliance Baseline Change Control of the Appliance Itself
  2. 2. Appliance Baseline Outline <ul><li>What is Appliance Baseline </li></ul><ul><li>Where will I see it on the UI? </li></ul><ul><li>Viewing the differences </li></ul><ul><li>Controlling baseline actions </li></ul><ul><li>Updating the Baseline </li></ul>
  3. 3. Appliance Baseline <ul><li>The intent of the Appliance Baseline tool is to enable Atrium Discovery administrators to be alerted to any unintended or controlled configuration changes. </li></ul>
  4. 4. Appliance Baseline Overview <ul><li>When an appliance is installed or a change is made, a baseline of it’s configuration is established </li></ul><ul><li>When the appliance service is (re)started comparisons are made against this baseline </li></ul><ul><li>If current configuration fails to match the baseline this will be shown in the status page </li></ul><ul><li>The status page allows the choice of several actions as a remedy for failures </li></ul>
  5. 5. Where Can I Find Appliance Baseline Status? <ul><li>From the drop down menu on the icon bar </li></ul><ul><li>Administration > Appliance > Baseline Status </li></ul>
  6. 6. How Do I Know If I Need to Check the Status? <ul><li>Normal </li></ul><ul><li>Changes Detected </li></ul>
  7. 7. Baseline Status <ul><li>Actions are associated to severity levels </li></ul><ul><li>Scroll down to the bottom of the page to configure actions and options </li></ul>
  8. 8. Baseline Differences (1) <ul><li>Click on the name to view administration page for that type of check </li></ul>
  9. 9. Baseline Differences (2) <ul><li>Some changes will be shown directly below the status </li></ul>
  10. 10. Baseline Differences (3) <ul><li>Others will click through to a list of configuration changes </li></ul>
  11. 11. View Baseline Differences <ul><li>Click on the status link with the icon to see a side by side comparisons of changes </li></ul>
  12. 12. Checking Baseline <ul><li>Baseline is controlled by a number of option buttons at the base of the page </li></ul><ul><li>To force the baseline to be checked use the “Check Baseline Now” button </li></ul><ul><li>Baselines will be checked at start up and regular intervals </li></ul>
  13. 13. Updating Baseline <ul><li>If the change is expected the baseline should be updated </li></ul><ul><li>Baselines can be updated individually if some need investigation, or globally </li></ul>
  14. 14. Configure Baseline Actions (1) <ul><li>The Severity of failure can be set for each check </li></ul><ul><li>The Action to be taken on failure can also be set </li></ul>
  15. 15. Configure Baseline Actions (2) <ul><li>Email notification is set by default </li></ul><ul><ul><li>Email needs to be setup on the Appliance </li></ul></ul><ul><li>Can add more severe actions if needed </li></ul>
  16. 16. Configure Baseline Actions (3) <ul><li>Restrict Network Access </li></ul><ul><ul><li>Closes all ports on the Appliance apart from those specified in the Baseline Options </li></ul></ul><ul><ul><li>Use with care! </li></ul></ul><ul><li>Stop Discovery </li></ul><ul><ul><li>Halts any active discovery </li></ul></ul>
  17. 17. Configure Baseline Options <ul><li>Under Options you can configure </li></ul><ul><ul><li>Email alerts </li></ul></ul><ul><ul><li>Email messages </li></ul></ul><ul><ul><li>Which services to allow under network access restrictions </li></ul></ul>
  18. 18. Configure Baseline Options - Email <ul><li>Email Recipients </li></ul><ul><ul><li>Enter a list of addresses, a group address is advised </li></ul></ul><ul><li>Email Subject Template and Passed/Failed messages </li></ul><ul><ul><li>Can be edited if required, recommend they are left at default </li></ul></ul>
  19. 19. Baseline Alert – Email Example <ul><li>From: [ ] </li></ul><ul><li>Sent: 07 August 2009 21:15 </li></ul><ul><li>To: Archer Admin Group </li></ul><ul><li>Subject: Foundation Baseline: Archer: FAILED (MAJOR) </li></ul><ul><li>Baseline check results are: </li></ul><ul><li>Apache Configuration : OK </li></ul><ul><li>Apache HTTPS : OK </li></ul><ul><li>Crontab : OK </li></ul><ul><li>DNS Configuration : OK </li></ul><ul><li>Appliance eth0 : OK </li></ul><ul><li>Appliance Firewall : OK </li></ul><ul><li>NTP Configuration : OK </li></ul><ul><li>NTP Running : INFO: ntpd is not configured to run at run level 5 </li></ul><ul><li>Operating System : OK </li></ul><ul><li>Tideway RPM : OK </li></ul><ul><li>DataStore SoftLimit : MINOR: DataStore is 37GB which exceeds soft limit of 30GB </li></ul><ul><li>Discovery Scripts : OK </li></ul><ul><li>* </li></ul><ul><li>* </li></ul><ul><li>* </li></ul><ul><li>Login Credentials : OK </li></ul><ul><li>SNMP Credentials : OK </li></ul><ul><li>Highest severity failure was MAJOR </li></ul><ul><li>Action taken: </li></ul><ul><li>SEND_EMAIL </li></ul>
  20. 20. Configure Baseline Options – Services to Allow <ul><li>Services To Allow </li></ul><ul><li>All network access outbound and inbound will be blocked by the appliance firewall apart from these services </li></ul><ul><ul><li>ssh/http/https – inbound only </li></ul></ul><ul><ul><li>smtp/ldap/dns – bidirectional </li></ul></ul><ul><li>Use with great care! </li></ul>
  21. 21. Appliance Baseline Summary <ul><li>Appliance Baseline is used to monitor key configuration and operational properties of the Appliance </li></ul><ul><li>The severity of a check failing and the action taken as a consequence can be configured </li></ul><ul><li>When updating configuration of an Appliance remember when finished to </li></ul><ul><ul><li>Use the Check Baseline Now option to force a baseline run </li></ul></ul><ul><ul><li>Use the Update Baseline/Update All Baselines to register your changes as expected </li></ul></ul>
  22. 22. Further Resources <ul><li>Online Documentation: </li></ul><ul><ul><li> </li></ul></ul>Tideway Foundation Version 7.2 Documentation Title