Other Recommendations

General Security Environment

LogLogic LMI users are considered trusted users. The operating system and browsers used for accessing the Web GUI must be properly maintained and secured according to security best practices. SSH access on the appliance is enabled by default to enable configuration and maintenance of the appliance. However, the shell and CLI user accounts are separate to enable clean separation of duties. Thus, the shell account must be treated as a super-user account whose password is heavily guarded and seldom used. A proper X509 certificate, signed by a CA that is recognized by the browsers used, must be installed in place of the default certificate from the initial setup.

Selection of passwords

Specify a strong password for the LogLogic LMI administrator accounts (super user and root user), as these users perform all the critical operations. If the administrator account password is hacked, it can lead to damage or destabilization of the enterprise. The password should ideally consist of a minimum of eight characters, with a mix of uppercase and lowercase characters, numbers, and special characters.

Data Center Placement

Security and data protection recommendations when deploying your data center on-premises or on the cloud are as follows:

On-premises

While following security best practices, when deploying your LogLogic LMI to the data center, it is recommended that you place LogLogic LMI behind a firewall and other security devices. This adds extra layers of security in protecting your data, the appliance is protected by a layer of network security, and each port in use has access control lists (ACLs) that restrict access to the least range of IPs.

On the Cloud

Just as with an on-premises deployment, when deploying your LogLogic LMI to the virtual data center, it is recommended that you place LogLogic LMI behind a firewall and other security services. Running your LogLogic LMI in the same vPC as your core services provides not only additional protection, but also better performance for data collection. The appliance is protected by a layer of network security, and each port in use has ACLs that restrict access to the least range of IPs.

Backups

Backups must be exported to a secure location or put off-line and rotated to ensure quick recovery in case of failure. This also maintains a history on items such as data file checksums, which ensures that the files are not tampered in case of any suspicion.