Vendor-specific security information
Operating systems and application servers are included in your Adobe Primetime DRM solution.
To find vendor-specific security information for your operating system and application server, see Using the Adobe Primetime DRM Key Server.
Operating system security information
When securing your operating system, you must implement the measures that are described by your operating system vendor.
Here are some of the measures:
- Defining and controlling users, roles, and privileges
- Monitoring logs and audit trails
- Removing unnecessary services and applications
- Backing up files
Here is some information about the operating systems that are supported by Adobe Primetime DRM:
Microsoft® Windows Server® 2008 Enterprise or Standard Edition
Windows Server 2008 Security Guide
Red Hat® Enterprise Linux® 5.4, 5.5, and 5.6.
Red Hat Enterprise Linux 5 Security Guide
Here is some information about approaches to minimize security vulnerabilities in the operating system:
There is an increased risk that an unauthorized user might gain access to the application server if vendor security patches and upgrades are not applied in a timely fashion.
Note: Ensure that you test security patches before applying them to production servers.
You must create policies and procedures to regularly check for and install patches.
Virus protection software
Virus scanners can identify infected files by scanning for a signature or unusual behavior.
Scanners keep their virus signatures in a file, which is usually stored on the local hard drive. New viruses are discovered often, so you must ensure that this file is regularly updated. This way, virus scanners can always identify all current viruses.
Network Time Protocol (NTP)
For proper operation and forensic analysis, keep accurate time on Primetime DRM servers and packagers. Use a secure version of NTP to synchronize the Primetime DRM time on all systems that are connected to the Internet.
Application server security information
When securing your application server, you must implement the measures that are described by your server vendor.
Here are some of these measures:
- Using non-obvious administrator user name
- Disabling unnecessary services
- Securing the console manager
- Enabling secure cookies
- Closing unneeded ports
- Limiting administrative interfaces by IP addresses or domains
- Using the Java™ Security Manager