EMC® Avamar® 7.0 Product Security Guide Avamar
avamar-7.0-security-guide
avamar-7.0-security-guide
avamar-7.0-security-guide
User Manual:
Open the PDF directly: View PDF
Page Count: 162 [warning: Documents this large are best viewed by clicking the View PDF Link!]
- Preface
- Introduction
- User Authentication and Authorization
- Client/Server Access and Authentication
- Network access control
- Client/server authentication
- One-way authentication
- Requesting signed certificates using a Certificate Signing Request
- Requesting signed certificates using an enrollment form
- Signed certificates from a private CA
- Installing certificates in Avamar
- Configuring Avamar to use server authentication
- Configure clients to accept the server certificates
- Enforcing encrypted client/server communications
- Two-way authentication
- Requesting client certificates using a Certificate Signing Request
- Requesting client certificates using an enrollment form
- Use a private CA to sign client certificates
- Configuring Avamar for client authentication
- Installing a client certificate on a Windows client
- Installing a client certificate on a UNIX-like client
- Verify client/server authentication
- Web browser authentication using Apache
- Tomcat server authentication
- SSH authentication with Data Domain
- Data Security and Integrity
- System Monitoring, Auditing, and Logging
- Server Security Hardening
- Overview
- Level-1 security hardening
- Advanced Intrusion Detection Environment (AIDE)
- Auditing service (auditd)
- sudo implementation
- Command logging
- Locking down single-user mode on RHEL servers
- Disabling Samba
- Remove weak ciphers from Apache web server
- Force strong encryption for Java and Tomcat connections
- Removing suid bit from non-essential system binaries on RHEL
- Preventing unauthorized access to GRUB configuration
- Level-2 security hardening
- Level-3 security hardening
- Level-3 prerequisite
- Level-3 tasks
- Disabling Apache web server
- Disabling Avamar Enterprise Manager
- Disabling Dell OpenManage web server
- Disabling Avamar Desktop/Laptop
- Disabling SSLv2 and weak ciphers on all nodes
- Updating SSH
- Disabling snmpd
- Disabling RPC
- Preventing access to port 9443
- Changing file permissions
- Preparing for a system upgrade
- Port and Network Requirements
- Enterprise Authentication
- IAO Information
- Index