A bank has just acquired CA TDM. Their operations team mentions that when they create a new server in the bank, they need to configure the following standard software packages:
- Symantec SEP
- Symantec DLP
- Operating System Hardening
I wonder if there is anything documented on issues regarding the use of CA TDM on servers with these software installed.
What is CA's recommendation on the server so CA TDM can operate in compliance with their security standards/policies?
If they do SQL Server repository hardening by reducing privileges on PUBLIC role in SQL Server, then CA TDM Portal and Datamaker will stop working. It has caused a reversal of this exact decision with two other banks.
In addition, GTREP user must have the privileges (CREATE) set in our scripts for our products to work. By Definition, the GTREP user can only operate on the GTREP database. Thus, it is still a hardened environment. We use the privileged user to drop tables, create tables, update tables, etc. within our limited scope of operation within the SQL Server.
As more are defined by our Services Department, they can be added here.
You can download the latest version of TDM by following the directions in this document: https://support.ca.com/us/knowledge-base-articles.TEC1903942.html.
To contact support, go to https://www.ca.com/us/services-support/ca-support/contact-support.html.