11 Network Management Security
- This chapter covers the following topics:
- Authentication
- Access Control
- The Security Algorithm
- Conferring Right-of-Access
- SunNet Manager provides an optional security mechanism for restricting access to agent services. As delivered, any manager may request data and/or event reporting from any SunNet Manager agent. For each agent, you can specify read-security for data and event report requests and write-security for Set requests. This section describes how to customize security for your SunNet Manager environment.
- SunNet Manager security uses and builds upon the "secure networking features" introduced in SunOS 4.x. These security features are based on DES encryption and public key cryptography. If you are installing this product on Solaris 1.x, we recommend that you first read the "Secure Networking" chapter in the Security Features Guide before reading the rest of this chapter. If you are installing for Solaris 2.x, you should first read SunOS 5.2 Administering Security, Performance, and Accounting before continuing with this chapter.
- SunNet Manager implements security by giving an agent the option to authenticate each network management request before acting on it. The two elements of security are:
- Authentication--is the requestor really who he claims to be?
- Access control--does the requestor have sufficient right-of-access to make this request?
11.1 Authentication
- SunNet Manager uses the RPC protocol DES authentication feature to prove the identity of the user making the request. This guarantees that the request is coming from a genuine source and makes it computationally infeasible for anyone to impersonate that source.
11.2 Access Control
- Once the requestor's identity is authenticated, SunNet Manager verifies that the requestor has the required right-of-access. SunNet Manager confers right-of-access based on the "netgroups" feature of SunOS 4.x, which was carried forward to SunOS 5.x (Solaris 2.x). Consult the following:
- The SunOS 5.2 manual Administering TCP/IP and UUCP (for Solaris 2.x installations),
- The netgroup(5) man page, and
- "Setting up Network Software" in the System and Network Administration Guide (for Solaris 1.1 installations).
- Access rights are administered by granting membership in one of the five network security groups. These groups are named:
- netmgt_security_one
- netmgt_security_two
- netmgt_security_three
- netmgt_security_four
- netmgt_security_five
- Access control for members of these groups works as follows:
- The Agent Library has a global variable, Network Management Security Level, that can have a value between 0 and 5. The value 5 is the most secure and will allow only members of the network group netmgt_security_five access to network management functions served by this agent library. All other requestors will be refused. The value 4 will allow access to members of groups netmgt_security_four and netmgt_security_five, and so on. Lower values of the Network Management Security Level variable allow access to members of more and more network groups, and the value 0 provides no access control at all.
- For the security scheme to work, both the manager's and the agent's machine (and their respective NIS/NIS+ master server machines) must be running under SunOS 4.0 or later, and the keyserv daemon must have been started at boot-time in one of the following ways:
- By the /etc/rc2.d/S71rpc script, if the installation is in a Solaris 2.x environment
- From the /etc/rc.local file, if installed in a SunOS 4.x environment.
11.3 The Security Algorithm
- The following algorithm is used by the agent library to verify the authenticity and the access rights associated with every incoming request.
- Since all security and authentication depends upon NIS/NIS+, first check if NIS/NIS+ is up and running. If NIS/NIS+ is down, reject the request, indicating that NIS/NIS+ is not running.
- Check Network Management Security Level to ascertain the level of security being requested. If this value is zero, bypass the following checks and allow this request through without authentication.
Note - UNIX-style authentication is not supported.
- Verify that the request has a DES-style authenticator. If not, the request is refused, indicating too weak an authentication.
- Verify that a domain-specific user-id and password table entry exists for the network name supplied in the DES authenticator contained in the request. If not, the request is refused.
- Finally, confirm membership of the appropriate network groups based on the value of Network Management Security Level (for a value of 1, check groups 1 through 5; for a value of 2, check groups 2 through 5; etc.). Deny the request if membership is not confirmed.
- If the request passes the above tests, it is considered successfully authenticated, and processing of the request proceeds as normal.
11.4 Conferring Right-of-Access
- Now that you understand how security works, let's look at how to confer right-of-access for your agent.
- Create up to five network groups for the network, named netmgt_security_one, netmgt_security_two, netmgt_security_three, netmgt_security_four, and netmgt_security_five.
- Include in these groups the user-names of the system administrators who have permission to run SunNet Manager. This grouping defines a hierarchy of abilities for the administrators. Those administrators who are members of the netmgt_security_five group have maximum privilege and can send requests to any agent. Members of the netmgt_security_four group can send requests to agents with security level 4, 3, 2, 1 or 0. Members of the last group, netmgt_security_one, can send requests to agents with security level 1 or 0.
- For each administrator, create a new public key for the administrator's user-name using newkey(8).
- For each host on which you have agents installed, create a new public key for the super-user at the host using newkey(8).
- Decide the level of read-security and write-security you wish to assign to your agents and set the security levels associated with the agent name in the SunNet Manager configuration file snm.conf to values between 0 (no security) and 5 (maximum security) on each system where agents are installed.
- An example entry is shown below:
- This sets the SNMP proxy agent read-security level to 2 and write-security level to 4. A user must be in at least the netmgt_security_two network group to request SNMP data or event reports and in at least the netmgt_security_four group to invoke SNMP Set requests.
- If the snm.conf file does not contain an entry for an agent, the agent's read and write security levels default to 0--no security checking. If the entry for an agent contains only one number, the agent's read and write security levels are set to that number.
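The decision procedure of Section 11.3 and the snm.conf level rules of Section 11.4, as an added example written for this page; it is not code from the SunNet Manager agent library (a C library whose source is not shown here). NIS/NIS+ availability, the key table and netgroup membership are modelled as constructed in-memory data; the Directory and Request types, the function names and the sample administrators are assumptions. The textual snm.conf line syntax is not reproduced (the example entry is absent from the page); only the rules that one number sets both levels and that a missing entry means 0 are implemented.

```python
"""Model of the SunNet Manager agent security check (Section 11.3) and the
snm.conf read/write level rules (Section 11.4).  Added illustration; the
directory, key table and netgroup data below are constructed stand-ins."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# The five network security groups, least to most privileged (page order).
SECURITY_GROUPS = (
    "netmgt_security_one",
    "netmgt_security_two",
    "netmgt_security_three",
    "netmgt_security_four",
    "netmgt_security_five",
)


@dataclass
class Directory:
    """Stand-in for NIS/NIS+ (hypothetical): service state, which network
    names have a user-id/password (key) table entry, and netgroup membership."""
    up: bool = True
    netnames_with_keys: Set[str] = field(default_factory=set)
    netgroups: Dict[str, Set[str]] = field(default_factory=dict)

    def is_member(self, group: str, netname: str) -> bool:
        return netname in self.netgroups.get(group, set())


@dataclass
class Request:
    """Constructed view of one incoming management request."""
    auth_flavor: str               # "DES" or "UNIX" style authenticator
    netname: Optional[str] = None  # network name carried in the DES authenticator
    is_set: bool = False           # Set requests are checked against write-security


def resolve_levels(entry: Optional[List[int]]) -> Tuple[int, int]:
    """Apply the snm.conf rules: `entry` holds the numbers given for an agent
    (None = no entry).  Returns (read_level, write_level)."""
    if not entry:
        return (0, 0)                   # no entry: no security checking
    if len(entry) == 1:
        entry = [entry[0], entry[0]]    # one number sets both read and write
    read, write = entry[0], entry[1]
    for level in (read, write):
        if not 0 <= level <= 5:
            raise ValueError(f"security level {level} outside 0..5")
    return (read, write)


def check_request(req: Request, nis: Directory, read_level: int, write_level: int) -> str:
    """Return "allow" or a "reject: ..." reason, following Section 11.3 in order.
    Set requests use the write-security level; everything else the read level."""
    level = write_level if req.is_set else read_level
    # 1. All later checks depend on NIS/NIS+, so its availability comes first.
    if not nis.up:
        return "reject: NIS/NIS+ is not running"
    # 2. Level 0 bypasses every remaining check (no authentication at all).
    if level == 0:
        return "allow"
    # 3. Only a DES-style authenticator is acceptable; UNIX-style is too weak.
    if req.auth_flavor != "DES" or req.netname is None:
        return "reject: authentication too weak"
    # 4. The network name must have a key-table entry in the domain.
    if req.netname not in nis.netnames_with_keys:
        return "reject: no key entry for network name"
    # 5. Level N requires membership in group N or any higher group (N..5).
    if any(nis.is_member(g, req.netname) for g in SECURITY_GROUPS[level - 1:]):
        return "allow"
    return "reject: not a member of the required network groups"


def highest_reachable_level(nis: Directory, netname: str) -> int:
    """Highest agent security level this administrator can reach (the hierarchy
    of Section 11.4): the most privileged group held, or 0 if in none."""
    for index in range(len(SECURITY_GROUPS), 0, -1):
        if nis.is_member(SECURITY_GROUPS[index - 1], netname):
            return index
    return 0


# Constructed sample data: the page's example agent (read 2, write 4) and
# hypothetical administrators "alice" (group five) and "bob" (group two).
SAMPLE_NIS = Directory(
    up=True,
    netnames_with_keys={"alice", "bob"},
    netgroups={
        "netmgt_security_two": {"bob"},
        "netmgt_security_five": {"alice"},
    },
)
READ_LEVEL, WRITE_LEVEL = resolve_levels([2, 4])

if __name__ == "__main__":
    for who, is_set in (("bob", False), ("bob", True), ("alice", True)):
        verdict = check_request(Request("DES", who, is_set), SAMPLE_NIS, READ_LEVEL, WRITE_LEVEL)
        print(who, "Set" if is_set else "Get", "->", verdict)
```

Note that the NIS/NIS+ availability check runs before the level-0 bypass, exactly as the page orders the steps, so an agent configured with level 0 still refuses requests while NIS/NIS+ is down.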