Manuals / Nortel Networks / Computer Equipment / Server

Nortel Networks NN44470-100 Certificate management, File system integrity and the fcheck tool

Models: NN44470-100

1 63
Download 63 pages 47.82 Kb
Page 30
Image 30

- 30 -

MAS administration and security

The default scheduled time for a scan to run is on Sundays at 4:22 AM. A script is provided to allow the configuration of a different day and time for when the scan is executed, or to disable automatic scanning entirely if this is desired. Scanning the entire file system (excluding configured system directories) takes at least 20 minutes under no load. This should be taken into account when determining the day and time when the scanner is to be run.

Retrieving the latest virus definition files from McAfee and manually loading them on the system is the responsibility of the onsite System Security Administrator.

File system integrity and the fcheck tool

The file system integrity security tool allows an System Security Administrator create a baseline of cryptographic hashes for a subset of files on the file system. Once a baseline is created, future baselines can then be compared against previous baselines to give the System Security Administrator an indication of what files have changed on the system since the last time the tool was run. Depending on which files were changed, added, or deleted since the last baseline was taken, the System Security Administrator can determine whether or not a security breach has occurred.

The file system integrity tool fcheck is the baselining tool used in this process, and is included with the OS installation. The fcheck tool must be run manually by an onsite System Security Administrator and must not be scheduled to run automatically by the system. The System Security Administrator must determine how frequently (weekly, for example) and under what conditions a baseline should be taken.

The purpose of the file security integrity tool is to track files that should not change very often. The tool allows a list of excluded directories and files to be used.

Usage instructions and documentation are included in the default directory location (C:\fcheck).

Certificate management

MAS 6.0 for AS 5300 uses the X.509 certificate type, that contains the public key for a server and a signature from the certification authority (CA). A certification authority is a trusted entity that issues, renews, and revokes certificates.

A server uses a certificate to identify itself. A TLS or SSL connection or an IPSec channel between two servers is established after two servers exchange certificates and authentication is completed when the certificates are verified.

Nortel Media Application Server 6.0 for AS 5300

Fundamentals

NN44470-100 01.01 Standard

Release 6.0 03 June 2008

Copyright © 2008, Nortel Networks

Page 29 Page 31
Page 30
Image 30
Nortel Networks NN44470-100 manual Certificate management, File system integrity and the fcheck tool
Page 29 Page 31