Difference between revisions of "ZenPack:Enterprise Security"

From Zenoss Wiki
Jump to: navigation, search
(Deleted instruction to search data.fs because under relstorage this instruction is nonsensical. Per Mark Shoemaker.)
 
Line 34: Line 34:
 
|}
 
|}
  
 
== Testing Password Encryption ==
 
 
 
To test password encryption, use the <span class="keyword cmdname">grep</span> command to search the <span class="ph filepath">Data.fs</span> file for the value of one of the password configuration properties. For example, if you set zCommandPassword to a value of wobet51, you can check that passwords are encrypted by using this command on the <span class="ph">Zenoss platform</span> master host:
 
 
<pre class="pre codeblock programlisting">strings $ZENHOME/var/Data.fs | grep wobet51</pre>
 
If password encruption is working correctly, this command returns no results.
 
 
{{ZenPackFooter}}
 
{{ZenPackFooter}}

Latest revision as of 13:58, 25 June 2014


Note: This ZenPack is available in commercial versions of Zenoss. Click here to request more information about this commercial ZenPack. Click here to see all commercial ZenPacks.

Organization
Zenoss, Inc.
ZenPack name
ZenPacks.zenoss.EnterpriseSecurity




Enterprise Security ZenPack

The EnterpriseSecurity ZenPack enhances Resource Manager security by enabling password encryption.

Warning

The ZenPack Catalog has moved to its new home at https://www.zenoss.com/product/zenpacks as of January 17, 2017. The following information may be out of date, and this page will eventually be removed.

Support

This ZenPack is included with commercial versions of Zenoss and enterprise support for this ZenPack is provided to Zenoss customers with an active subscription.

Background

The ZenPacks.zenoss.EnterpriseSecurity ZenPack enhances Zenoss platform security by encrypting stored passwords.


Zenoss platform stores the passwords it uses to remotely access hosts in a Zope Object Database (ZODB). After enabling this feature, these passwords are encrypted according to the Advanced Encryption Standard (AES), with 256-bit key sizes.

By using the password encryption feature, you can help prevent an attacker from accessing your managed systems if he gains access to a backup copy of your ZODB.


Prerequisites

Prerequisite Restriction
Product Zenoss platform 4.x, Zenoss 2.5 or higher
Required ZenPacks ZenPacks.zenoss.EnterpriseSecurity

Installation

Normal Installation (packaged egg)

  1. Download the appropriate egg file for the version of Zenoss you are running.
  2. Ensure you are logged in as the zenoss user:
    $ sudo su - zenoss
  3. Install the ZenPack:
    $ zenpack --install ZenPacks.zenoss.EnterpriseSecurity-*.egg
  4. Restart these services:
    $ zenoss restart


Discuss

Purplemarker.png New: Don't forget to add yourself to the Zenoss User Map!

blog comments powered by Disqus