Veritas-bu

[Veritas-bu] Important -About Veritas Netbackup Security???

2005-07-27 11:32:21
Subject: [Veritas-bu] Important -About Veritas Netbackup Security???
From: Samuel.Grover AT cna DOT com (Grover,Samuel)
Date: Wed, 27 Jul 2005 10:32:21 -0500
The PeopleSoft queue does a reasonable job tracking user-initiated
restores, but other admins generally circumvent the process and the
Oracle DBAs do their restores through RMAN, and neither of those cases
is "trackable".

To track restores from a media server perspective, I've prevented
restore_notify in /usr/openv/netbackup/bin from overwriting the
RESTORE_CALLED file it touches, which causes it to retain a history of
restores by media server.  I run a daily report that shows restores
requested, age of the image being restored and other vitals about the
restore.  It was initially used to show management a restore history,
but turned out to be a way to audit our restores from a SOX perspective.

Sam

-----Original Message-----
From: Hindle, Greg [mailto:Greg.Hindle AT constellation DOT com]
Sent: Wednesday, July 27, 2005 10:29 AM
To: Grover,Samuel
Cc: veritas-bu AT mailman.eng.auburn DOT edu
Subject: RE: [Veritas-bu] Important -About Veritas Netbackup Security???


How do you track your restores? Through netbackup or through a separate
system like a problem management/ticket system?



Greg


-----Original Message-----
From: veritas-bu-admin AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] On Behalf Of
Grover,Samuel
Sent: Wednesday, July 27, 2005 11:15 AM
To: Steve Quan
Cc: veritas-bu AT mailman.eng.auburn DOT edu
Subject: RE: [Veritas-bu] Important -About Veritas Netbackup Security???


My group handles all restores.  Users are not allowed to restore their
own files.  We are considering placing the restore burden on our
operations staff, but at the moment, they're not capable.

All restores are tracked when they are initiated. We know where the
restore was initiated, what image was requested, and where the restore
is headed.

Internally, users can't access the servers in the datacenter except on
the ports permitted through our internal firewalls.  Applications can
only speak on certain ports, so only those ports are available.
NetBackup and its associated daemons are not included in the group of
ports made available internally.

Media going missing? If the media we lock in our lockboxes goes missing
on the ride from our facility to our offsite tape storage facility, the
offsite vendor has a few questions to answer.

Sam

-----Original Message-----
From: Steve Quan [mailto:sq01 AT yorku DOT ca]
Sent: Wednesday, July 27, 2005 10:05 AM
To: Grover,Samuel
Cc: Ra pa; veritas-bu AT mailman.eng.auburn DOT edu
Subject: RE: [Veritas-bu] Important -About Veritas Netbackup Security???


How about "internal security"? Who does the restores? How are
redirected recoveries handled/tracked? I've also heard of media going
missing on its way to the offsite location.

/Steve
---
On Wed, 27 Jul 2005, Grover,Samuel wrote:

>
> The corporate firewall keeps people out.. if someone gets in through
> the firewall on port 13782, I'd say my network security folks have a
> problem.
>
> Sam Grover
> CNA Financial
>
> -----Original Message-----
> From: veritas-bu-admin AT mailman.eng.auburn DOT edu
> [mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] On Behalf Of Ra pa
> Sent: Wednesday, July 27, 2005 9:38 AM
> To: veritas-bu AT mailman.eng.auburn DOT edu
> Subject: [Veritas-bu] Important -About Veritas Netbackup Security???
>
>
> I found this article on cnn technology.
>
>
> http://www.cnn.com/2005/TECH/internet/07/25/hackers.backup.software.reut/index.html
>
> Will you guys provide some of your thoughts about securing a NetBackup
> environment, and how to protect against someone gaining access from a
> client port to the master, etc.?
>
> Any input will be much appreciated.
>
>
> Thanks
> =kpr=
>
>
> _______________________________________________
> Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
> http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
