HP SM 9.31 System Hardening (86 Views)
Reply
Occasional Advisor
EfsyEngi
Posts: 14
Registered: ‎07-24-2013
Message 1 of 2 (86 Views)

HP SM 9.31 System Hardening

Hello again Experts,

 

We'd like to implement some hardening to our Service Manager web tier, clients and servers.

 

So far, I'm only aware of the documentation regarding enabling SSL and using https (mostly through SM Integration guides), though I'd like to know if there's more to hardening procedures to follow to further secure the SM system. If so, kindly point me in the right direction.

 

Versions:

 

RTE, Client, Webtier: 9.31.022

Tomcat: 7.0

 

Thanks!

 

 

Please use plain text.
Honored Contributor
Piku
Posts: 3,248
Registered: ‎06-17-2010
Message 2 of 2 (59 Views)

Re: HP SM 9.31 System Hardening

Hi ,

System hardening is not controlled from application but comes in majority at OS, Network and web server level.
So SSL is just a feature of protocol for connection and https is only implemented at Web server level.

Here you have to decide your vulnerability matrix, that is, how much you want to strengthen your security and it comes from your design document and client approval.

There are number of tool to check and list vulnerability on system.

You have to block and deny access from unwanted ports like any other than 8081,13080,443 (for OOB system).
You have to disable corssside scripting, default Password in tomcat/apache, Trace track and many more.


hth,
Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation