Versions Compared

Old Version 30

changes.mady.by.user Unknown User (slagell)

Saved on

compared with

New Version 31

changes.mady.by.user Unknown User (slagell)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Moved syslog to a requirment

...

  • Use two-factor authentication for administrative remote access, or request an exemption from Security.
  • Disable routing, traffic forwarding, bridging between subnets and other forms of internetwork traffic proxy through the host unless approved by Security & Networking.
  • Where possible, forward system logs to the NSCA syslog collector.

Additional  Configuration Recommendations:

...

  • Enable host-based brute-force mitigations utilizing the security team's host-based IDS if possible.Forward system logs to the security team's log collector.
  • Use the NCSA LDAP for authorization and an NCSA centralized authentication service.
  • Use host-based firewalls to enforce list of services running.

...