Security planning

This topic gives background information about the methods of maintaining security for the BMC PATROL Agent, lists default ownership and permissions for the PATROL Agent, and tells you how to change those ownerships and permissions. This topic contains the following sections:

Supported security methods

The following table lists the methods available for maintaining security for the PATROL Agent and tells you where you can find instructions for changing security.

Methods for maintaining security for the PATROL Agent

Firewall requirements

If your environment includes firewalls, you may have to modify the configuration of the firewall to accommodate PATROL. For information about installing and configuring PATROL in an environment with firewalls, see Installing.

Access control list

The Access Control List (ACL) controls which users are authorized to connect to an agent, in which modes and from which hosts. For information about how to set up an Access Control List, see Controlling access to the Agent.

Application accounts

You can instruct the PATROL Agent to use separate accounts for individual applications and instances. For more information about how to specify which accounts are used for which commands, see Establishing accounts and ports.

Ownership and permissions

The default ownership and permissions of the PATROL Agent log and configuration directories are set according to the following table:

Directories for ownership and permissions of agent log

The following table shows the default ownership and permissions of the log and configuration files: 

Default owner and permissions of log and files

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*