Introducing Core and Extended configuration policy templates for CentOS, RHEL, and Ubuntu Linux:
CloudPassage is pleased to introduce four new server security configuration policy templates, immediately available to Halo Basic and Professional subscribers. These policy templates are designed for use with CentOS, Red Hat Enterprise, and Ubuntu Linux distributions and, as with all policy templates, may be cloned and edited to fit your specific needs.
We’re providing “Core” and “Extended” policies that work with both Red Hat Enterprise Linux and CentOS Linux, and Core and Extended policies for Ubuntu Linux.
The Core policies focus on critical system checks that are important basic practices for any configuration. They are the most basic set of security configuration checks recommended for any system. This means that there are fewer checks, and any failures should be taken seriously.
The Extended policies are intended to be used in addition to the Core policies, and check for more advanced security settings. It’s almost certain that scanning a server with an Extended policy will result in a number of issues. Because of the complexity of these advanced rules, it’s probable that they need to be adjusted to fit your configuration. Until you do this, some rules will probably result in false positives (issues being reported in error). The Extended policies are appropriate for higher security needs.
The rules in these policies have been screened to remove as many false positives as possible. Because of the highly variable nature of server configurations, there are some cases where the policy may report a failure incorrectly, or may report a failure that is not a concern for your specific system configuration. For example, the Core policy validates that a logging service is running, a critical security practice. In most cases, syslog-ng is used, and if you are running syslog-ng then the rule will report that this check has passed. However, you may be running rsyslog, another valid logging service. In this case, you need to adjust the rule to reflect that you use rsyslog. Where possible, we have provided multiple options within a rule to make it simple for you to activate the correct check for your specific environment.
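The logging-service case above, as an added example that is not Halo's rule syntax or CloudPassage's code: a shell check that accepts any daemon from a configurable list. The function name, the sample process list, and the use of `rsyslogd` as the rsyslog process name are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not Halo policy syntax. All names here are hypothetical.

# Constructed sample of `ps -eo comm=` output from a host that runs rsyslog.
SAMPLE_PROCS='systemd
sshd
rsyslogd
cron'

# check_logging_service ACCEPTED [PROCS]
#   ACCEPTED: space-separated daemon names, any one of which satisfies the check.
#   PROCS:    newline-separated process names; defaults to the live process table.
# Prints PASS or FAIL with the reason; returns 0 on pass, 1 on fail.
check_logging_service() {
    accepted=$1
    procs=${2-$(ps -eo comm=)}
    for name in $accepted; do
        # -x matches the whole line, so "rsyslogd-helper" does not count as
        # "rsyslogd"; -F treats the name as a literal string, not a regex.
        if printf '%s\n' "$procs" | grep -qxF -- "$name"; then
            echo "PASS: logging service running ($name)"
            return 0
        fi
    done
    echo "FAIL: none of [$accepted] is running"
    return 1
}

# A rule that only knows syslog-ng fails on this host although logging is active:
check_logging_service "syslog-ng" "$SAMPLE_PROCS" || true

# The adjusted rule lists every logging daemon approved for the environment:
check_logging_service "syslog-ng rsyslogd" "$SAMPLE_PROCS"
```

Keeping the accepted list explicit means a host running no approved logging daemon still fails the check.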
These policy templates also include detailed remediation instructions, usually with specific commands needed to fix any reported issues. As with the checks themselves, it may be necessary for you to adjust these commands to fit your specific system configuration.
These new policies can be found in the list of policy templates under the names “CentOS and RHEL Linux Core Policy v 2.0”, “CentOS and RHEL Linux Extended Policy v 2.0”, “Ubuntu Linux Core Policy v2.0”, and “Ubuntu Linux Extended Policy v2.0”.
The Security Analysts at CloudPassage hope that you find these new policies useful and informative. We’re constantly creating and refining server configuration security policies and love feedback – please use this comments section or the Ideas tab on this community site.