Executive Summary |
 |
Deployed Linux-based HP Open Source Middleware Stacks (OSMS) is an individual system composed of various components, configurations, and services. OSMS are a viable alternative to proprietary computer systems. When deployed, each system faces unique vulnerabilities and threats. Therefore, security cannot be applied to every system in the same way. No single security solution applies to all systems. To achieve an acceptable level of protection, you must understand your system and its environment.
Security is not static so a secure solution today may not be secure tomorrow. Therefore, security is a process rather than a single component, device, or practice. This process includes performing a continual analysis of effectiveness, making appropriate adjustments, and balancing trade-offs within a particular system.
This paper provides an overview of the security environment for OSMS in the system, network, and components areas. In addition, concise descriptions of important security considerations are included to enable you to choose an appropriate security strategy for your environment.
Intended Audience |
|
The intended audience for this document is all customers interested in learning about Linux security specific to OSMS.
Scope and Purpose |
|
This white paper is not a tutorial or a “how-to” document, and it does not describe how to secure OSMS. Rather, it provides a foundation for understanding the OSMS security environment and presents issues and options related to securing OSMS. You must choose the correct set of solutions for a particular system.
Each OSMS environment has a unique configuration, unique threats, and unique security goals. Therefore, each OSMS environment requires a unique security solution. Various open source tools and techniques for securing an OSMS environment are described in this paper and shown in Figure 1. In addition, background information for each topic is provided.
Information is organized in general technology topics, such as security background, essential security information, and advanced security information. Additionally, each section contains links to both introductory and advanced material, when applicable.
Examples that have direct application to securing OSMS are shown as follows:
HP Services |
|
HP Open Source Consulting Services can help you implement the technology stack into your enterprise and service-oriented architecture environment. HP professionals work with you to build and integrate open source and commercial software across multiple operating system (OS) environments.
HP Open Source Support Services offer industry-leading technical support services for hardware and software stack components. HP provides access to software technical support experts and one-stop accountability through a single contract, invoice, and phone number.
You also have access to software subscription networks from HP partners. HP support services are sold with software subscription services for JBoss and the entire JBoss Enterprise Middleware Suite (JEMS). This enables you to access the JBoss Operations Network to obtain certified patches, updates, fixes, and documentation.
To learn more about HP Open Source Consulting and Support Services, please contact your local HP sales representative or visit HP at:
http://www.hp.com/hps
Printable version
