© 2009 BMC Educational Services

Appliance Baseline

Change Control of the Appliance Itself

© 2010 BMC Educational Services

Appliance Baseline Outline

What is Appliance Baseline

Where will I see it on the UI?

Viewing the differences

Controlling baseline actions

Updating the Baseline

© 2010 BMC Educational Services

Appliance Baseline

The intent of the Appliance Baseline tool is to enable Atrium Discovery administrators to be alerted to any unintended or controlled configuration changes.

© 2010 BMC Educational Services

Appliance Baseline Overview

When an appliance is installed or a change is made, a baseline of it’s configuration is established

When the appliance service is (re)started comparisons are made against this baseline

If current configuration fails to match the baseline this will be shown in the status page

The status page allows the choice of several actions as a remedy for failures

© 2010 BMC Educational Services

Where Can I Find Appliance Baseline Status?

From the drop down menu on the icon bar Administration > Appliance > Baseline Status

© 2010 BMC Educational Services

How Do I Know If I Need to Check the Status?

Normal

Changes Detected

© 2010 BMC Educational Services

Baseline Status

Actions are associated to severity levels Scroll down to the bottom of the page to configure actions and

options

© 2010 BMC Educational Services

Baseline Differences (1)

Click on the name to view administration page for that type of check

© 2010 BMC Educational Services

Baseline Differences (2)

Some changes will be shown directly below the status

© 2010 BMC Educational Services

Baseline Differences (3)

Others will click through to a list of configuration changes

© 2010 BMC Educational Services

View Baseline Differences

Click on the status link with the icon to see a side by side comparisons of changes

© 2010 BMC Educational Services

Checking Baseline

Baseline is controlled by a number of option buttons at the base of the page

To force the baseline to be checked use the “Check Baseline Now” button

Baselines will be checked at start up and regular intervals

© 2010 BMC Educational Services

Updating Baseline

If the change is expected the baseline should be updated

Baselines can be updated individually if some need investigation, or globally

© 2010 BMC Educational Services

Configure Baseline Actions (1)

The Severity of failure can be set for each check

The Action to be taken on failure can also be set

© 2010 BMC Educational Services

Configure Baseline Actions (2)

Email notification is set by default Email needs to be setup on the Appliance

Can add more severe actions if needed

© 2010 BMC Educational Services

Configure Baseline Actions (3)

Restrict Network Access Closes all ports on the Appliance apart from those specified

in the Baseline Options Use with care!

Stop Discovery Halts any active discovery

© 2010 BMC Educational Services

Configure Baseline Options

Under Options you can configure Email alerts Email messages Which services to allow under network access restrictions

© 2010 BMC Educational Services

Configure Baseline Options - Email

Email Recipients Enter a list of addresses, a group address is advised

Email Subject Template and Passed/Failed messages Can be edited if required, recommend they are left at default

© 2010 BMC Educational Services

Baseline Alert – Email Example

From: archer@tideway.com [mailto:archer@tideway.com]

Sent: 07 August 2009 21:15

To: Archer Admin Group

Subject: Foundation Baseline: Archer: FAILED (MAJOR)

Baseline check results are:

Apache Configuration : OK

Apache HTTPS : OK

Crontab : OK

DNS Configuration : OK

Appliance eth0 : OK

Appliance Firewall : OK

NTP Configuration : OK

NTP Running : INFO: ntpd is not configured to run at run level 5

Operating System : OK

Tideway RPM : OK

DataStore SoftLimit : MINOR: DataStore is 37GB which exceeds soft limit of 30GB

Discovery Scripts : OK

*

*

*

Login Credentials : OK

SNMP Credentials : OK

Highest severity failure was MAJOR

Action taken:

SEND_EMAIL

© 2010 BMC Educational Services

Configure Baseline Options – Services to Allow

Services To Allow All network access outbound and inbound will be blocked

by the appliance firewall apart from these services ssh/http/https – inbound only smtp/ldap/dns – bidirectional

Use with great care!

© 2010 BMC Educational Services

Appliance Baseline Summary

Appliance Baseline is used to monitor key configuration and operational properties of the Appliance

The severity of a check failing and the action taken as a consequence can be configured

When updating configuration of an Appliance remember when finished to Use the Check Baseline Now option to force a baseline run Use the Update Baseline/Update All Baselines to register

your changes as expected

© 2010 BMC Educational Services

Further Resources

Online Documentation: http://www.tideway.com/confluence/display/81/Baseline+Configuration

Tideway Foundation

Version 7.2

Documentation

Title