Presentation is loading. Please wait.

Presentation is loading. Please wait.

TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 1.

Published byMadeline Jordan Modified over 9 years ago

Similar presentations

Presentation on theme: "TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 1."— Presentation transcript:

1 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 1

2 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 2 Database Security

3 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 3 Security Vulnerabilities Vulnerability Management System (VMS) IAVA Process for Helpdesk TOPICS Database Security

4 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 4 Security Vulnerabilities Whenever any vendor, be it Microsoft, Oracle, Veritas, or any other product used on the TPOCS and CCE servers, releases a vulnerability report or hotfix it is first tested in our lab environment Database Security

5 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 5 Security Vulnerabilities Once the IAVA-A, IAVA-B, or IAVA-T status is announced, the fix is applied into the ATIC production environment Database Security

6 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 6 Security Vulnerabilities Once the fix and IAVA status are confirmed, the information is released both in a spreadsheet report to the Service Managers and also as an update to the ATIC assets in the VMS system Database Security

7 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 7 QUESTIONS Security Vulnerabilities

8 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 8 Vulnerability Management System (VMS)

9 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 9 Vulnerability Management System (VMS) The ATIC production system is listed as an MTF in the Vulnerability Management System When updates or hot-fixes are approved and applied to the ATIC production system it will be reflected in the VMS Database Security

10 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 10 Vulnerability Management System (VMS) IAVA notices that are Not Applicable to the TPOCS and CCE systems are listed as such in the VMS This information should be visible to site administrators with VMS access Database Security

11 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 11 Vulnerability Management System (VMS) VMS report are accessed from the VMS Home page. To access the VMS website: https://vms.disa.mil DISA provides VMS training, implementation and operational support to VMS users. Database Security

12 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 12 QUESTIONS Vulnerability Management System (VMS)

13 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 13 IAVA Process for Tier3 Helpdesk

14 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 14 IAVA Processing 1.IAVA report initiated by DHSS 2.IAVA reviewed for relevance by CCE/TPOCS Tier3 Analyst. 3.If IAVA references a software package not loaded on CCE/TPOCS servers it is marked as N/A CCE/TPOCS does not use application. 4.If IAVA references a software package loaded on CCE/TPOCS servers, determination is made if the IAVA directly affects the CCE/TPOCS applications.

15 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 15 5.If the application referenced in the IAVA is loaded on CCE/TPOCS servers, but does not interact with CCE/TPOCS application (i.e., MS-Word, MS-Excel, Adobe Acrobat Reader, Windows 2000 Server) it is marked Apply Patch, Does not affect CCE/TPOCS. IAVA Processing

16 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 16 6.If the application referenced in the IAVA is loaded on CCE/TPOCS servers and directly affects the CCE/TPOCS application (i.e. Oracle Database, MS- SQL Database), the IAVA is referred to the proper analyst for installation and testing to verify the patch does not “Break” CCE/TPOCS. If the patch does not “Break” CCE/TPOCS, it is marked Apply Patch, Does not affect CCE/TPOCS. If the patch does “Break” CCE/TPOCS, RITPO is informed not to apply the patch until a fix is in place for CCE/TPOCS. IAVA Processing

17 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 17 QUESTIONS IAVA Processing

18 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 18 Oracle 10g/11g Server Patches

19 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 19 Oracle 10g/11g Server Patches Installation Oracle releases patches every 3 months PSI will evaluate Oracle patches released. If it is compatible with TPOCS IAVA will instruct the local SA to apply the patch. The administrator/BOC on each TPOCS server site is responsible to install the patch.

20 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 20 Client can be grabbed from http://www.oracle.com/technology/software/index.html http://www.oracle.com/technology/software/index.html Select “Runtime (218mb)” on installation. Copy tnsnames.ora and SQLnet.ora files from an existing TPOCS workstation and paste to the same folder from your workstation to connect to the Oracle server. Test connection using TPOCS or Oracle’s “Net Configuration Assistant”. If a user is not in the Administrator Group and needs to run TPOCS, the user must be grant read/write access to every node in C:\Oracle\ tree and C:\Program Files\Oracle\ tree. Oracle 10g Client Installation

21 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 21 Oracle 10g Server Patches Installation QUESTIONS

22 TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 22 Thanks for Attending TPOCS Technical Training

Download ppt "TPOCS Technical Training UBO/UBU Conference - TPOCS - 22-25 March 2010 1."

Similar presentations

EDC Client Installer An installation program which installs the EDC Client software on a workstation, for a client of your record center, with the data.

EDC Client Installer An installation program which installs the EDC Client software on a workstation, for a client of your record center, with the data.
National Database Templates for the Biosafety Clearing-House Application (NDT-nBCH) Overview of the US nBCH Applications.

National Database Templates for the Biosafety Clearing-House Application (NDT-nBCH) Overview of the US nBCH Applications.
The VeriTrak Enterprise Application Created for The Verification Company By CTO Source, Inc. This presentation provides an overview of the system and links.

The VeriTrak Enterprise Application Created for The Verification Company By CTO Source, Inc. This presentation provides an overview of the system and links.
Summer 200811 IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.

Summer IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.
Project 2002 A Proposal Application Project 2002 Actions.

Project 2002 A Proposal Application Project 2002 Actions.
Microsoft Systems Management Server Implementation at SLAC Freddie Chow Freddie Chow Stanford Linear Accelerator.

Microsoft Systems Management Server Implementation at SLAC Freddie Chow Freddie Chow Stanford Linear Accelerator.
1 Secure Your Business PATCH MANAGEMENT STRATEGY.

1 Secure Your Business PATCH MANAGEMENT STRATEGY.
How To Keep Up With Security Patches Eric Schultze Security Strategies Microsoft.

How To Keep Up With Security Patches Eric Schultze Security Strategies Microsoft.
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.

VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.
VMware vCenter Server Module 4.

VMware vCenter Server Module 4.
Dynamics AX Technical Overview Application Architecture Dynamics AX Technical Overview.

Dynamics AX Technical Overview Application Architecture Dynamics AX Technical Overview.
Contributed by Chandra [Oracle Apps Tech Specialist] - oracle.anilpassi.com Discoverer 10g Migration Plan.

Contributed by Chandra [Oracle Apps Tech Specialist] - oracle.anilpassi.com Discoverer 10g Migration Plan.
Choose and Book Installing Security Broker (IA) client.

Choose and Book Installing Security Broker (IA) client.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.
FileSecure Implementation Training Patch Management Version 1.1.

FileSecure Implementation Training Patch Management Version 1.1.
Managing CERN Desktops with Systems Management Server (SMS 2003) Michel Christaller Internet Services Group Department of Information Technology CERN May.

Managing CERN Desktops with Systems Management Server (SMS 2003) Michel Christaller Internet Services Group Department of Information Technology CERN May.
Installation and Administration

Installation and Administration
Lessons Learned: Using the Experience of Others to Avoid Common Project Server Mistakes LaDonna Carpenter Technical Lead Product Support Services Microsoft.

Lessons Learned: Using the Experience of Others to Avoid Common Project Server Mistakes LaDonna Carpenter Technical Lead Product Support Services Microsoft.
DB2 (Express C Edition) Installation and Using a Database

DB2 (Express C Edition) Installation and Using a Database

Similar presentations

Ads by Google