Difference between revisions of "Hardening Monitoring & Analysis"
(Created page with "== Introduction == Default configuration of most devices (viz. operation systems, databases, routers, switches, etc.) is not designed with security as primary focus which lea...") |
|||
| Line 1: | Line 1: | ||
== Introduction == | == Introduction == | ||
| − | Default configuration of most devices (viz. operation systems, databases, routers, switches, etc.) is not designed with security as primary focus which leaves them vulnerable to security threats. Hardening is the process of enhancing device security through a variety of means which results in a much more secure server operating environment. | + | Default configuration of most devices (viz. operation systems, databases, routers, switches, etc.) is not designed with security as primary focus which leaves them vulnerable to security threats. Hardening is the process of enhancing device security through a variety of means which results in a much more secure server operating environment. KHIKA provides hardening compliance reports which are precisely serve this purpose, to check devices for compliance against hardening policies. |
| − | KHIKA provides hardening compliance reports which are | + | |
| − | KHIKA collects hardening compliance data from devices on a daily basis which is then evaluated against pre-defined policies. | + | KHIKA collects hardening compliance data from devices on a daily basis which is then evaluated against [[KHIKA Hardening policies docs for each|pre-defined policies]]. |
| + | |||
The best defense against security attacks is to ensure server hardening policies are implemented and up to date, to minimize these loopholes. | The best defense against security attacks is to ensure server hardening policies are implemented and up to date, to minimize these loopholes. | ||
The resultant reports depict the hardening posture for the respective device wherein each policy along with its compliance status is rendered on KHIKA dashboards. | The resultant reports depict the hardening posture for the respective device wherein each policy along with its compliance status is rendered on KHIKA dashboards. | ||
| Line 16: | Line 17: | ||
| − | == | + | == Hardening Dashboard == |
Required Hardening Dashboard can be selected from the Dashboard list like other Dashboards | Required Hardening Dashboard can be selected from the Dashboard list like other Dashboards | ||
| − | + | [[File:Hard1.jpg|700px]] | |
Revision as of 10:46, 11 June 2019
Introduction
Default configuration of most devices (viz. operation systems, databases, routers, switches, etc.) is not designed with security as primary focus which leaves them vulnerable to security threats. Hardening is the process of enhancing device security through a variety of means which results in a much more secure server operating environment. KHIKA provides hardening compliance reports which are precisely serve this purpose, to check devices for compliance against hardening policies.
KHIKA collects hardening compliance data from devices on a daily basis which is then evaluated against pre-defined policies.
The best defense against security attacks is to ensure server hardening policies are implemented and up to date, to minimize these loopholes. The resultant reports depict the hardening posture for the respective device wherein each policy along with its compliance status is rendered on KHIKA dashboards.
Business Process flow for Linux Hardening
Following sequence explains the data flow and business process for Hardening analysis and monitoring using KHIKA :
- Hardening related data, values are collected into KHIKA using commands/scripts which run on servers via the Ossec Agent to get the hardening data into KHIKA.
- For Windows, Linux, Network devices and Oracle DB the polling interval is once every 24 hours.
- KHIKA processes this data and generates report dashboards which mention policy-wise which servers are non compliant and what is their current state vis a vis the desired.
- This data is captured once in every 24 hours and dashboards are refreshed with current results.
Hardening Dashboard
Required Hardening Dashboard can be selected from the Dashboard list like other Dashboards
