O F E P

Loading

Security baselines, Security hardening: secure and configure your systems professionally

Usage of Security Baselines ensures that each application, product or hardware deployed is following best security practices enforced by the policy of your organization.
These documents are containg recommendations of the vendor and best practices to secure your system, implement extra layers of mitigation against threats and make it more resistant against cyber attacks.
OFEP assists his customers in writing and reviewing Security Baselines.
We have experience in writing security baselines for multiple products.
We have security baselines for following technologies in our portfolio :

Operating Systems

  • AIX
  • HP-UX
  • Linux (including kernel, sudo, OpenSSH services)
  • Solaris
  • Windows 2000
  • Windows 2003
  • Windows 2008
  • Windows 2012

Routers & Firewalls

  • Cisco IOS & CatOS routers & switches
  • Cisco Secure Tacacs+ ACS
  • Cisco Nexus routers & switches
  • Juniper Netscreen
  • Juniper JunOS
  • Checkpoint IP Series (Nokia) Firewalls
  • Fortinet FortiGate

Load balancers

  • F5 Big IP Load Balancers

Applications

  • Oracle Database
  • WebSphere MQ
  • Apache Webserver
  • Nginx Webserver
  • Microsoft IIS
  • Microsoft MS SQL Server
  • CFT & XFB Gateway File transfers
  • Tivoli Storage Manager (TSM)
  • Websphere Application Server (WAS)
  • Citrix & Xenapp
  • DB2
  • EMC
  • Vmware Vsphere & ESXi

This list is non exhaustive and we can also write security baselines for specific products.

Those security baselines allow your ICT organization to configure all applications, OS, infrastructure components homogeneously.For each technology, we collect all configuration parameters which need special attention from security perspective. Some equipment is provided with insecure parameters by default (default password, SNMP write enabled, debug feature enabled, wide ACL). Security features are not enabled by default most of time. Manual configuration is required to enable them.
Moreover, usage of security baselines demonstrates good maturity level and governance in your organization.

 

If a part of your ICT is outsourced, it’s even more important to setup security baselines carefully. In some organizations, “RUN” is outsourced but not security governance. By setting up security baselines, you can ensure that your ICT partner is following your guidelines and standard to configure equipment. We are able to automatize verification of security parameters. These validations can be automatically scheduled to run periodically to ensure that equipment is set inline with baselines.

Get in Touch

Subscribe and stay up-to-date on the latest improvements and services.