Date post: | 30-Jan-2016 |
Category: |
Documents |
Upload: | jacob-pearson |
View: | 219 times |
Download: | 3 times |
Nsure™ Audit EssentialsRick MeredithSoftware EngineerNovell, Inc. Jaime BrimhallSoftware EngineerNovell, Inc.
© March 9, 2004 Novell Inc.2
one Net: Information without boundaries…where the right people are connected with the right information at the right time to make the right decisions.
The one Net vision
Novell exteNd™
Novell Nsure™
Novell Nterprise™
Novell NgageSM
:
:
:
:
© March 9, 2004 Novell Inc.3
The one Net vision
Novell Nsure solutions take identity management to a whole new level. Novell Nsure gives you the power to control access so you can confidently deliver the right resources to the right people — securely, efficiently, and best of all, affordably.
Novell Nsure™
Novell exteNd™
Novell Nsure™
Novell Nterprise™
Novell NgageSM
:
:
:
:
© March 9, 2004 Novell Inc.4
Presentation Overview
Overview and Architecture
Administration & Configuration• Platform Agent• Server Configuration• Queries• Reports
Application Instrumentation• Frozen Bubble Instrumentation
Verification• Signing and Chaining Events.
5
Secure Logging Server
Platform Agent
Notification
Service
Logging Service
Filte
r
SMTP
Flat
FileD
river
MonitoringApplications
ReportGenerator
SNMPSYSLO
GStorage
JavaCVR
…SQ
LD
river
Crystal Reports
Java APITCP/IP(TLS)
Alerts/Notifications
JMS
Even
t A
dap
ter
OracleSQL Server
MySQL
File Syste
m
[11:58:18] MyApp\ IMAP\ Authentication: Valid login for account “FMSmith" from 137.65.47.144[11:58:18] MyApp \POP3\ Authentication: Valid login for account "pfeiffer" from 195.224.28.4
C API
Ap
plic
atio
n
Ap
plic
atio
n
Ap
plic
atio
n
…
Monitoring Service
Disconnected
Mode Cache
Administrator
Nsure Audit Overview & Architecture
© March 9, 2004 Novell Inc.6
Administration & Configuration
Miscellenous Utilities & Tools• Platform Agent Configuration
Application
iManager (web application) is used to:• Configure Secure Logging Server (SLS) • Run Queries• Create Reports
LReport is used to:• Run Queries• Create Report
© March 9, 2004 Novell Inc.7
Platform Agent
Platform agent• Collects events from instrumented applications• Sends the events to the Logging Server• Caches the event in case of communication failure• Optionally signs the events for validation
© March 9, 2004 Novell Inc.8
Platform Agent Configuration Tool
© March 9, 2004 Novell Inc.9
Secure Logging Server (SLS)
Secure Logging Server (SLS)• Receives the events from the platform agent• Logs events to file or database• Sends any relevant notifications
10
iManager Nsure Audit Plugin
11
LReport
© March 9, 2004 Novell Inc.12
Application Instrumentation
Include the LogEvent header file and library in the application source code
If desired, contact Novell Developer Services to obtain a registered application ID and certificate for your product
Create a log schema configuration (LSC) file to describe the events that your application will send
Call the desired LogEvent functions from the appropriate locations in the application code
Create the necessary objects in eDirectory for the Secure Logging Server to recognize the new application
© March 9, 2004 Novell Inc.13
Log Schema Configuration (LSC) file
Defines the different events, used to translate text
Can be used with auditext to automatically generate the Application Object
#^Frozen Bubble Instrumentation^FBFB^FBubbleInst^EN##EventID,Description,Text1 Title,Text2 Title,Value1 Title,Value1 Type,Value2 #Title,Value2 Type,Group Title,Group Type,Data Title,Data Type,Display SchemaFBFB,Frozen Bubble,Frozen Bubble Instrumentation,,,,,,,,,,FBFB0001,Game Started,,,,,Start Time,,,,,,FBFB0002,Level Started,,,Level,,Timestamp,,,,,,FBFB0003,Level Completed,,,Level,,Timestamp,,,,,,FBFB0004,Level Completion Time,,,Level,,Total Time,,,,,,FBFB0005,Premature Exit,,,Level,,Timestamp,,,,,,FBFB0006,Died,,,Level,,Life Number,,,,,,FBFB0007,Game Ended,,,Level,,Timestamp,,,,,,FBFB0008,Final Score and Time,Username,,Level,,Total Time,,,,,,
© March 9, 2004 Novell Inc.14
Logevent Functions
LogOpen – create the log handle, connect to the server
LogEventDirect – send a log event with any of the available data fields
LogClose – close the log handle
LogEventText, LogEventNameValue, LogEventLong, LogEventRaw are macros that log events with only certain types of data
Unicode interface is also available
© March 9, 2004 Novell Inc.15
Instrumentation of Frozen Bubble
© March 9, 2004 Novell Inc.16
Verification (Signing & Chaining)
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Novell, Inc., makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.