96 IBM CSM to IBM Systems Director Transformation Guide
crucial to understand and control the data that is sent around in your network. If the data you
transmit is sensitive and not encrypted, consider isolating that data on a dedicated network.
Security policies and controls must be in place to ensure that the use of hardware
commands, such as remote console or remote power, is authenticated and authorized, and
that user profiles, grouping, and access lists are properly controlled.
The purpose of this section is to highlight some of the security differences between CSM and
Systems Director. However, it is not within the scope of this section to document all the
differences between the two products, because IBM Systems Director is so much more than
just the management tool that CSM was considered to be. Because the security differences are
mainly found in the authentication and authorization process, we primarily focus on these:
- Authentication and authorization
- Communication topology
- Roles and responsibilities
- Users and groups
4.4.1 Authentication and Authorization when using CSM
CSM uses the security functions of RSCT to ensure that the software components in your
cluster can properly interact and authenticate the identity of clients, peers, or RSCT
subcomponents. This determination is made in such a way that the cluster software
component can be certain that the identity is genuine and not forged by some party trying to
gain unwarranted access to the system.
Authentication
Authentication allows CSM to send and receive message keys (Message Authentication).
Each key is signed by the sender and the signature is verified by the receiver. The information
needed to verify the signature of the message is contained in a key and the authentication is
done by key exchange, also known as credentials-based authentication.
Be aware that authentication differs from authorization.
Authorization
CSM uses access control list (ACL)-based authorization that provides
access control to resource classes. The ACL is kept in a stanza format, which is used to verify
whether a given host has the permissions to access the resource class or instance for the
class named by the stanza. RMC is the only RSCT component that implements authorization.
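The following Python example is added here and is not code from this book or from RSCT. It models a stanza-format ACL, resolves a request against the stanza named for the resource class, and flags entries that grant write access to every host. The file layout, the OTHER fallback stanza, the most-specific-match rule, and the host names are simplifying assumptions.

```python
# Added example: simplified model of a stanza-format ACL.
# The layout and matching rules below are assumptions, not RSCT's own code.
SAMPLE_ACL = """\
# constructed sample, not taken from a real cluster
IBM.Sensor
    root@mgmt01    *    rw
    node17         *    r

OTHER
    root@mgmt01    *    rw
    *              *    r
"""

def parse_acl(text):
    """Return {stanza_name: [(identity, object_type, perms), ...]}."""
    acl, current = {}, None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].rstrip()   # drop comments
        if not line.strip():
            continue
        if not line[0].isspace():              # column 0 starts a new stanza
            current = line.strip()
            acl.setdefault(current, [])
            continue
        fields = line.split()
        if current is None or len(fields) != 3 or not set(fields[2]) <= set("rw"):
            raise ValueError(f"line {lineno}: malformed ACL entry: {raw!r}")
        acl[current].append(tuple(fields))
    return acl

def is_allowed(acl, resource_class, user, host, perm):
    """Check perm ('r' or 'w') using the class stanza, else the OTHER stanza."""
    entries = acl.get(resource_class, acl.get("OTHER", []))
    # Most specific identity wins: user@host, then host, then the wildcard.
    for wanted in (f"{user}@{host}", host, "*"):
        for identity, _objtype, perms in entries:
            if identity == wanted:
                return perm in perms
    return False  # no matching entry: deny by default

def broad_write_entries(acl):
    """Audit helper: entries that give write access to every host."""
    return [(name, e) for name, entries in acl.items()
            for e in entries if e[0] == "*" and "w" in e[2]]
```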
CSM uses the security provided by the operating system. It does not come with any security
hardening software or agent-based encryption protocols, which leaves some of the more
generic security concerns to be addressed, especially because CSM utilizes the distributed
shell (dsh) or remote shell command. It is therefore the system administrator's responsibility to
fulfill any security obligations that this environment may require, because CSM does not
provide any specific security configuration.
Kerberos:
Kerberos is considered one of the few leftovers from the PSSP transition paths because
in the early days of PSSP neither the RSCT stack nor AIX provided any robust security
authentication stack. Kerberos was therefore needed to enforce and strengthen the
security within the management domain clustering environment. CSM did include its
own security layer (CtSec) that could be used out of the box, but based on the transition
path you might or might not have used it. In this book we do not cover Kerberos
authentication and authorization to Systems Director.
