94 Novell Business Continuity Clustering 1.1 Administration Guide for LinuxTable C-5 Security Information for Other ProductsC.3 Other Security Considerations Servers should be kept in a physically secure location with access by authorized personnel only. The corporate network should be physically secured against eavesdropping or packet sniffing.Any packets associated with the administration of BCC should be the most secured. Access to BCC configuration settings and logs should be restricted. This includes file systemaccess rights, FTP access, access via Web utilities, SSH, and any other type of access to thesefiles. Services that are used to send BCC data to other servers or e-mail accounts or that protect BCCdata should be examined periodically to ensure that they have not been tampered with. When synchronizing cluster or user information between servers outside the corporate firewall,the HTTPS protocol should be employed. Because resource script information is passedbetween clusters, strong security precautions should be taken. When a BCC is administered by users outside of the corporate firewall, the HTTPS protocolshould be used. A VPN should also be employed.Product Name Links to Security InformationNSS “Securing Access to NSS Volumes, Directories, and Files”(http://www.novell.com/documentation/oes/nss_enu/data/bv8n39l.html#bv8n39l).and“Security Considerations” (http://www.novell.com/documentation/oes/nss_enu/data/bx8gp06.html).eDirectory Security for eDirectory is provided by NICI. See the NICI 2.7xAdministration Guide (http://www.novell.com/documentation/nici27x/nici_admin_guide/data/a20gkue.html)Identity Manager “Security: Best Practices” (http://www.novell.com/documentation/idm/admin/data/b1bsw73.html) in the IdentityManager Administration Guide.iSCSI “Configuring Access Control to iSCSI Targets” (http://www.novell.com/documentation/iscsi1_nak/iscsi/data/h2mdblj1.html) and “Enabling and Configuring iSCSI InitiatorSecurity” (http://www.novell.com/documentation/iscsi1_nak/iscsi/data/hclny85e.html) in the iSCSI 1.1.3 AdministrationGuide for NetWare 6.5.OpenWBEM OpenWBEM should be configured on each node to allowonly the necessary users. OpenWBEM by default allows allusers. For more information, see “Changing theAuthentication Method” (http://www.novell.com/documentation/oes/cimom/data/bv4xqz9.html) in theOpenWBEM Services Administration Guide for OES.Linux User Management (LUM) Linux User Management Technology Guide (http://www.novell.com/documentation/oes/lumadgd/data/bookinfo.html#bookinfo).