Before you attempt to use WLS-VE, you need to establish a level of security to protect the integrity of your data and the safety of your transactions. This section describes the most critical security measures you should take before working with WLS-VE. These are:
The following information is of critical importance. Please read this section in its entirety.
BEA recommends that you follow these essential guidelines to secure LiquidVM in your production environment:
Do not store sensitive data on an NFS server. LiquidVM does not encrypt the communication with the NFS-server. Therefore, the data can be snooped on the local network. In general, storing sensitive data on NFS-servers greatly increases the security threats to your system. If you are using an NFS file server, see “NFS Security Measures in the WLS-VE,” v1.0 Installation and Configuration Guide for additional NFS security guidelines.
LiquidVM provides a secure runtime environment for the Java application out of the box, but the Java application has full access to its files. Therefore, it is important to ensure that the Java application running on LiquidVM is also secure.
Use a firewall to protect LiquidVM instances running on a local network from external access. In particular SSH, DHCP, ARP and ICMP traffic should not be allowed to reach LiquidVM from an external point.
Be sure to secure the VMware ESX servers so that no unauthorized users can gain root-access to these servers. LiquidVM is unable to protect itself if unauthorized root access to the ESX-servers is possible.
Configure the VMware Virtual Infrastructure such that only users that are trusted to modify the runtime state of LiquidVM are given control and console access to the VM. LiquidVM cannot protect itself from VM shutdown and other VM related attacks if this policy is not maintained.
Choose SSH passwords that are not obvious and store them securely. BEA recommends that your password contain a minimum of 8 characters, and consist of a combination of numbers, signs, and letters. It is critical that you follow this guideline because LiquidVM does not provide any kind of strength validation of the passwords.
If you use SSH private keys, be sure to store them in a secure fashion on the client machine so that other users cannot gain access to the private key.
Caution: If the SSH private key is somehow lost, there is no way to exchange the public key that is installed on the WLS-VE instance. This means you will not be able to remotely access the content on the WLS-VE instance because you won’t be able to connect via ssh or sftp. Therefore, you may also want to create a secure real password as well, so that you can still log in and access the files on the local disk, as explained in Installing a Real Password In Addition to a Public Key.
SSH is disabled by default. If SSH is enabled, be sure to install a public key or set a secure real password immediately. Once a password is set, temporary clear-text passwords and console displayed time-limited passwords will no longer work.
Store the start scripts used by a remote launcher in a secure manner so that unauthorized users do not have access to them. If you do not store these start scripts safely, the LiquidVM startup arguments can be compromised and confidentiality can be breached.
Securing WLS
To ensure the most secure environment for running WLS-VE, BEA recommends that you take the basic security measures required for a non-virtualized implementation of WLS. These measures are:
Secure the WLS host
Secure network connections
Secure your database
Secure the WebLogic Security Service
Secure any applications you plan to run
Refer to Securing a Production Environment for complete information on setting up basic WLS security. Also see the manufacturer’s security documentation for any applications you plan to run on WLS-VE.
Securing the VMware VirtualCenter
If you plan to use VMware’s VirtualCenter, you should follow all of the security practices recommended by VMware. See the
VMware Infrastructure Documentation for more information.
In addition to taking the security measures recommended by VMware, you should also secure your VirtualCenter password by removing it (actually, the encrypted representation of it) from the bea.lvm.info file. While the password is stored in an encrypted form to provide a high level of security, you still run the risk of it being compromised. To remove it from the bea.lvm.info file, do the following:
Go to your home directory (or //Documents and Settings/myDirectory on Windows) and open the bea.lvm.info file.
Locate the statement vmwarePassword=.
Delete the string of characters following the =.
Once the password is removed from the bea.lvm.info file, you will need to supply it every time you try to create or start a WLS-VE instance.
