-
Notifications
You must be signed in to change notification settings - Fork 27
Infrastructure_Security_Needs
movitto edited this page Jan 15, 2013
·
3 revisions
-
need a host that (at a minimum):
- provides the minimal cpu, memory, and network resources needed
- runs Fedora 17 or RHEL with selinux enabled and firewall in place
- encrypt entire disk image
- limit access to system & disk image, two or three admins w/ limited sudo access
- setup backup policy w/ offsite replication
- allow us to build cloud images via imagefactory
- setup sandboxes for imagefactory, deltacloud, other components
-
configure the application to:
- force ssl
- generate new session secret
-
Completed:
- Obtain ssl cert (aeolusproject now supports wildcard ssl subdomains)
- ensure Fedora / RHEL platform we are using is up to date w/ security fixes (being monitored by the Fedora/RHEL security teams and CVEs filed / taken care of)
Back to Hardening_the_app