第 II 部分 Hardening meassures #
- 3 General
Hardening your SUSE Enterprise Storage installation involves reducing the attack surface presented to potential attackers. But this is only the tip of the iceberg. All the basic tasks of securing a system applied to SUSE Enterprise Storage as well.
- 4 Network
SUSE Enterprise Storage is a complex system that communicates internally and externally via networks. As with all other systems careful design and control of this network access is vital for ensuring the security of your cluster.
- 5 Prevent Denial Of Service (DoS)
The most important piece in preventing Denial Of Service (DoS) is to put proper quotas on users and groups to ensure that clients can not exhaust resources easily. While this is not the only way a client can impact your cluster, it's the easiest one and also can happen by accident. For details on ho…
- 6 Authentication
Ensuring that clients need to authenticate before accessing ressources on SUSE Enterprise Storage is important to the security of the system. Allowing anonymous usage or weak authentication schemes should be avoided.
- 7 Confidentiality
Confidentiality is a common requirement. There are diffent ways of ensuring data stays confidential at different times of its lifecycle.