This paper discusses an actual implementation of the product HP OpenView Web Transaction Observer 3.0 (WTO) as a repeatable service offering within an Outsourcing environment. This paper describes the product architecture of WTO, and its main components. Then a high-level threat analysis is performed on this architecture, uncovering several security vulnerabilities in the standard ‘out-of-the-box’ product. Then the actual architecture implemented is discussed in terms of the mitigation or acceptance of risks. As this is an implementation that has been released into production, some details will be omitted from this paper, or will be changed where appropriate. Where sources are referenced they will be indicated with the reference number in parentheses, for example [1], matching the reference listed in Section 8.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
