Overview of security considerations
As an administrator, you are responsible for the security of your DevOps Code ClearCase® deployment.
DevOps Code ClearCase security depends on host and network security. Therefore, ensure that you have met the security requirements for your deployment infrastructure as well as those for ClearCase itself.
Authentication and identity management
- For information on Lightweight Directory Access Protocol (LDAP), see Understanding LDAP Design and Implementation.
- For information on domain administration, see DevOps Code ClearCase and Windows domains.
- If you use MultiSite, refer to Identities and permissions strategy for VOB replicas.
Encryption
- For instructions on configuring Secure Sockets Layer (SSL), see technote 541765 and technote 78711.
- For information about using Microsoft Bitlocker with DevOps Code ClearCase, see technote 400481.
Authorization
- For information about DevOps Code ClearCase authorization, see VOB and view access control. If you plan to use DevOps Code ClearCase ACL authorization, consult operating system documentation for instructions on enabling OS-level ACLs.
- For information on platform-specific authorization administration, refer to Administering platforms for DevOps Code ClearCase.
Auditing
You can use the cleartool lshistory command to list VOB database events affecting filesystem objects, hyperlinks, types, storage pools, the VOB object itself, and VOB replicas. Alternatively, use the DevOps Code ClearCase History Browser for Windows.
Firewall configuration
If you use file-based packet transportation to synchronize VOB replicas, refer to Store-and-forward through a firewall (Linux and the UNIX system only).