1.2 Data Storage Security

Most organizations physically secure the Operations Center server. The main security concerns regarding data storage involve third-party relational databases that are accessed through JDBC* calls. These requests involve the following Operations Center components:

  • The Event Data Store, which stores SNMP and Event Manager configuration data.

  • The Service Warehouse, which stores alarm history, audit data, and SLA and performance data, if Service Level Manager (SLM) is used.

  • The Configuration Storage database, which stores system configuration data such as access control permissions, service model elements and relationships, operations, and user account data.

  • An optional embedded database, which is accessed through JDO calls, can be used to store system configuration data. The embedded database is used by default upon installation.

  • User credentials are optionally stored on an LDAP server that stores user credentials (Identification and Authentication data). User credentials might or might not be stored on the Operations Center server, depending on whether the native or external I&A is used. If the external I&A option is deployed, credentials are stored in an external LDAP directory or data store and security is enforced by using the external data store‚Äôs security.

Database security is enforced by using the native Operating System and DBMS security mechanisms. For information on configuring databases, see the Operations Center Server Configuration Guide.

All other Operations Center server data (such as log data) are secured by using the native operating system security mechanisms. For example, use native OS security permissions to limit the set of users given access to the directories where Operations Center is installed.