09-26-2014 03:37 AM
I would like to validate one of the SAS 9.3 EBI server configuration to validate Deployment which had on AIX with Websphere for middle tier.
Could i Request you to share any SAS recommend template for validation which are required to check for
SAS Servers configuration details and
AIX environment variable details..
websphere configuration details to make sure all are in plase as expected
09-26-2014 03:58 AM
Check on what for validation? I you want to validate:
- you must have a described situation as it should be (GermanOLL)
- you can verify that against an observed situation (German:IST)
With the SOLL/IST compare you have to decide on your actions:
- change IST (root cause can be a security incident alert)
- change Soll (improvement on existing situation)
Server settings and the SAS release are the more easy ones. They should kept stable unless by approved changes.
With some scripts using the X-cmd you can collect all those into SAS datasets/flat files and do a compare.
AIX environment added tools, CPU Ram etc SAS options and fixes are possible to do that way with a SAS EGP-project.
The websphere content is for Websphere toolings.
Autentication details is a topic on it own. You have your default SAS installation. This default one is not compliant with a lot of regulations.
You have your SAS metadata security and your OS security and your network security/firewalls. That is a lot of information.
The operational process is normally asking for some SIEM (Security Information & Event Monitoring) being in place. Security information and event management - Wikipedia, the free encyclopedia
09-26-2014 06:21 AM
Hi Jaap Karman,
Thank you for your information, but still not getting your reply on DOLL/IST.
I am framing once again my query if it was not clear.
She SAS Servers installed on AIX OS with Web sphere web server.
I would like to validate complete configuration E2E.
Is there any recommneded configuration template parametrs to compare and validate the configuration with actual values in the SAS system.
09-26-2014 07:02 AM
Ram4sas, You did implement that installlation?
What is your question about, it looks to be different than what you made up to it.
ad a/ There are a lot of recommendations for the realization.
SAS deployment: what’s the right size? - SAS Users There are papers (Crevar) on IO system tuning and more. That is how you are building up YOUR environment.
By that you are getting, when doing this job professional, a description how the installation should be configured. That is YOUR Soll.
And that is what your have to do when going to validate an existing installation someone else could have changed.
If you are looking for answers how an installation should be designed to determine what should be done from scratch. Than it is a different question.
In that case you are looking for the answer what the installation should become.
Start with the question what the intended result is and go through those papers. There are several with those dedicated to eg AIX. IBM Techdocs White Paper: SAS AIX 5L, AIX 6 and AIX 7 Tuning Guides But all is related on YOUR special usage.
If you have an existing installation and wondering it should be or could be improved or it is acceptable (audit).
Start with the documentation what has been done. When it is not there act as if you are building one from scratch.
There are a lot of audit papers with checklists you can add to that work. (NIST OWASP national cyber security guidelines).
http://csrc.nist.gov/publications/nistpubs/800-123/SP800-123.pdf and Categoryrinciple - OWASP with that you can design your SAS metadatasecurity.
Keep in mind RBAC Role-based access control - Wikipedia, the free encyclopedia is another design challenge that is related to YOUR environment/service to the business.
All of this because it is YOUR installation applied to YOUR business and should follow YOUR business policies.
Recommended configuration templates? forget it.
ICT with SAS has not evolved at that level. They are missing too many of those regulations guidelines.
10-07-2014 02:17 PM
Thank you for your reply, its has lot of needful info.
I have not implemented that installation. My client asked me to validate the system configuration and
values for memsize, sortsize what shoud be there and where should be.
workspace/stored process servers timeout details, number of clients/servers to run, JVM options,websphere values.