Managing Security for Backup Networks 6-1
6
Managing Security for Backup Networks
This chapter describes how to make your backup network more secure. Oracle Secure
Backup is automatically configured for network security in your administrative
domain, but you can enhance that basic level of security in several ways. Secure
communications among the nodes of your administrative domain concerns the
encryption of network traffic among your hosts. Secure communications is distinct
from Oracle Secure Backup user and roles security concerns and security addressed
by the encryption of backups to tape.
This chapter contains these sections:
■ Backup Network Security Overview
■ Planning Security for an Administrative Domain
■ Trusted Hosts
■ Host Authentication and Communication
■ Encryption of Data in Transit
■ Default Security Configuration
■ Configuring Security for the Administrative Domain
■ Managing Certificates with obcm
Backup Network Security Overview
An Oracle Secure Backup administrative domain is a network of hosts. Any such
network has a level of vulnerability to malicious attacks. The task of the security
administrator is to learn the types of possible attacks and techniques to guard against
them. Your backup network must meet the following requirements to be both useful
and secure:
■ Software components must not expose the hosts they run on to attack.
For example, daemons should be prevented from listening on a well-known port
and performing arbitrary privileged operations.
■ Data managed by the backup software must not be viewable, erasable, or
modifiable by unauthorized users.
■ Backup software must permit authorized users to perform these tasks.
See Also: Oracle Secure Backup Administrator's Guide for more
information on users and roles management or backup encryption
To Next Page
Need help?
General