Messaging Gateway

 View Only

  • 1.  Confidential data of 8380 Appliance

    Posted Aug 18, 2009 03:41 AM
    Hi,

    first of all the the on the harddisk the policy as well as confidential information like message logs are stored.
    Furthermore in the initial setup phase when you build the SBG environment you have the default admin account on the appliance. Furthermore using a Control Center you can add more administrators.

    From that point the default admin account password is protected using the standard unix password mechanism.
    But what is with the accounts which are created using the web console? Are these passwords also covered by the UNIX standard password mechanism?

    Or is there a encryption of the hard disks?

    Thank you in advance




  • 2.  RE: Confidential data of 8380 Appliance

    Posted Aug 18, 2009 09:58 AM

    The 'admin' account created during installation has full access to the Control Center but only has access a limited set of commands when logged into an appliance via the command line interface.  Any additional accounts created only have access to login to the Control Center and can't actually login to the command line interface.

    Best Regards,

    Kevin


  • 3.  RE: Confidential data of 8380 Appliance

    Posted Aug 18, 2009 10:24 AM
    The default appliance accounts are hopefully stored using the RHEL mechanism.
    Whats about the administrator accounts are the passwords stored also on each appliance in the RHEL plattform, or are they store in plain text in the database?

    Furthermore, exists a hard disk encryption or is the solution for that to lock the appliance hard disks using the physikal key ;-)

    thank you
    toby


  • 4.  RE: Confidential data of 8380 Appliance
    Best Answer

    Posted Aug 18, 2009 10:42 AM
    The admin account is stored as a standard linux account(again no accounts have access to the file system).

    The passwords for all accounts that have access to the Control Center are encrypted in the mysql database.  Keep in mind the admin account doesn't have access to file system to access mysql. 

    There is no hard disk encryption, although most sensitive data is actually stored in the mysql database.  There are instances where sensitive data is encrypted on disk, one instance of this would be for customers who are using the Data Loss Prevention policies to store database extracts, this data is encrypted on the file system of the Scanner.

    Hope that helps,

    Kevin 


  • 5.  RE: Confidential data of 8380 Appliance

    Posted Aug 18, 2009 11:41 AM
    I think it's important to remember that the "admin" account is NOT a UNIX root account.  It appears to be in a chroot jail with only limited access to the file system.  There is also a support account which needs to be explicitly enabled.  This account has more privileges, but is stil not root.

    The exposed data on scanners is probably (I've not checked, but this makes sense for an MTA) pretty much limited to messages in any queues, and summary log data.   The Control Center also hosts your suspect spam, virus quarantime and the Incident databases which might contain sensitive data.