Omni-Gen™ Security Guide > Implementation for PCI Security Standards > Regularly Monitor and Test Networks

Regularly Monitor and Test Networks

Topics:

The following are recommendations and information for the Regularly Monitor and Test Networks requirements.

Requirement 10: Track and monitor all access to network resources and cardholder data

Omni-Gen Server Operations Console provides information on current and prior configuration values, enabling the user to revert back to a prior configuration. The Operations section of the Console can be used to monitor system health and audit information. It provides detailed information on:

  • Work order execution showing what data subjects have been processed with the statistics measures.
  • Number of records, transactions, and sources, being processed with statistics measures.
  • Database accessibility and latency, as well as specific query execution and measures.
  • Network information and access.
  • Diagnostic log files with detailed information for data processing.
  • Performance indicators across the system components.

Omni Governance Console, which is an end user facing tool, provides auditing of the user access, and utilizes the WSO2 security model.

The following log files are available for diagnostics and audit purposes. For convenience, commonly-used log files generated by most Omni-Gen processes can be found in the OmniGenData/logs directory, inside the Omni-Gen installation directory. The log files are further organized into the following subdirectories based on the process that generated them:

  • bundler. Deployment bundle service logs.
  • command. Output from any omni shell command.
  • controller. Omni Controller service logs.
  • dq. Logs from the Data Quality services.
  • OGC. OGC Tomcat standard output.
  • OmniDesignerRepository. All repository service Tomcat logs (including web applications).
  • server. Omni server logs.

In some cases, more detailed logs or output data can be found in the following locations:

  • deploymentbundle. Saved copies of deployed bundles.
  • deploymentbundle/logs. Zipped archives of deployment bundle service logs.
  • install/Omnigen_install_logs. Installer logging and debug output.
  • OmniDesignerRepository/webapps/Bridge/WEB-INF/lib/configuration. EMF bridge web application detail messages.
  • OmniGenData/deployment. Detailed deployment event timings.
  • OmniServer/dbms/changelogs. Most recent LiquiBase migration changesets.
  • OmniGovConsole/log. OGC Tomcat and web application logs.
  • wso2_is/repository/logs. WSO2 server logs.

Requirement 11: Regularly test security systems and processes

Recommendations and Information for Requirements Section 11.5

The client is advised on preventing any unauthorized direct access to the file system where the Omni-Gen product is installed and to ensure that the system is protected from any unintended access. The client is also advised not to modify or edit any of the files directly, unless instructed by Information Builders personnel in written form.