IMPACTS OF LEGACY SYSTEMS IN PUBLIC AGENCIES: ANALYSIS AND MODERNIZATION PROPOSAL
DOI:
https://doi.org/10.63330/armv1n10-003Keywords:
Legacy systems, IT infrastructure, Information securityAbstract
With the growing advancement of information technology, more efficient methods for the centralized management of IT infrastructure and data are emerging, from on-premise infrastructures to cloud platforms. The progress in information technology requires public administration to modernize its infrastructure to ensure efficiency, security, and compliance. However, many agencies still rely on legacy systems that limit their potential and introduce significant risks. This paper aims to analyze the impacts of a legacy server in a public agency by evaluating its performance, security, and effects on users, as well as proposing a viable modernization solution. The case study addresses the incompatibility between a Debian 7 “Wheezy” server running Samba 3.6.6 and Windows 11 workstations, demonstrating the need to deliberately downgrade security protocols to maintain functionality. Technical metrics and user perception highlight how technological obsolescence impairs productivity and exposes the institution to risks, justifying the urgency of migrating to modern systems.
References
ABNT. NBR ISO 9241-11:2018: Ergonomia da interação humano-sistema - Parte 11: Usabilidade: Definições e conceitos. Rio de Janeiro: ABNT, 2018.
ABNT. NBR ISO/IEC 27001:2022: Segurança da informação, segurança cibernética e proteção à privacidade - Sistemas de gestão da segurança da informação - Requisitos. Rio de Janeiro: ABNT, 2022.
BRASIL. Lei nº 13.709, de 14 de agosto de 2018. Lei Geral de Proteção de Dados Pessoais (LGPD). Brasília, DF: Presidência da República, [2018].
DESMOND, Brian et al. Active Directory: Designing, Deploying, and Running Active Directory. 5. ed. Sebastopol: O'Reilly Media, 2013.
MICROSOFT. Stop using SMB1. Microsoft Community, 2020. Disponível em: https://techcommunity.microsoft.com/blog/filecab/stop-using-smb1/425858. Acesso em: 20 out. 2025.
MICROSOFT. Melhorias de segurança do SMB. Microsoft Learn, 2025. Disponível em: https://learn.microsoft.com/pt-br/windows-server/storage/file-server/smb-security. Acesso em: 20 out. 2025.
MICROSOFT. Visão geral da assinatura do Bloco de Mensagens do Servidor (SMB). Microsoft Learn, 2025a. Disponível em: https://learn.microsoft.com/pt-br/windows-server/storage/file-server/smb-signing-overview. Acesso em: 20 out. 2025.
MICROSOFT. Não é possível ingressar computadores em um domínio. Microsoft Learn, 2025b. Disponível em: https://learn.microsoft.com/pt-br/previous-versions/troubleshoot/windows-server/cannot-join-computer-to-domain. Acesso em: 20 out. 2025.
MICROSOFT. Visão geral da autenticação Kerberos, 2025c. Disponível em: https://learn.microsoft.com/pt-br/windows-server/security/kerberos/kerberos-authentication-overview. Acesso em: 21 out. 2025.
MICROSOFT. Autenticação de usuário NTLM, 2025d. Disponível em: https://learn.microsoft.com/pt-br/troubleshoot/windows-server/windows-security/ntlm-user-authentication. Acesso em: 21 out. 2025.
NEMETH, Evi et al. UNIX and Linux System Administration Handbook. 4. ed. Upper Saddle River: Prentice Hall, 2011.
NHS ENGLAND. Lessons Learned Review of the WannaCry Ransomware Cyber Attack. Londres: Department of Health and Social Care, 2018. Disponível em: https://www.england.nhs.uk/wp-content/uploads/2018/02/lessons-learned-review-wannacry-ransomware-cyber-attack-cio-review.pdf. Acesso em: 20 out. 2025.
NIST. NIST Cybersecurity Framework (CSF) 2.0. National Institute of Standards and Technology, 2024. Disponível em: https://doi.org/10.6028/NIST.CSWP.29.por. Acesso em: 21 out. 2025.
SAMBA. Hardening Samba as an AD DC, 2025. Disponível em: https://wiki.samba.org/index.php/Hardening_Samba_as_an_AD_DC#ntlm_auth. Acesso em: 21 out. 2025.
SOMMERVILLE, Ian. Engenharia de Software. 9. ed. São Paulo: Pearson Prentice Hall, 2011.
STALLINGS, William; BROWN, Lawrie. Computer Security: Principles and Practice. 3. ed. Upper Saddle River: Pearson, 2014.
TERPSTRA, John H. NT4 PDC Migration to Samba-3. In: sambaXP Conference, 2003, Göttingen. Proceedings... Göttingen: sambaXP, 2003. Disponível em: https://sambaxp.org/archive-data-samba/sxp03/terpstra-XP2003.pdf. Acesso em: 21 out. 2025.
UNIVENTION CORPORATE SERVER. Manual for users and administrators, 2025. Disponível em: https://docs.software-univention.de/manual/latest/en/index.html. Acesso em: 21 out. 2025.
Downloads
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
