Security baseline of network security

Safety baseline

 The safety baseline expresses the most basic safety requirements that need to be met .

 Baseline verification 

 Is the security baseline configuration verification （ Or check ) For short , It generally refers to according to the configuration baseline ( Different industries and organizations have different baseline requirements for security configuration ) Requirements for IT Check the safety configuration of the equipment , To find weak or unsatisfactory configurations .

1. Baseline check object

Note that in any baseline related management process , We need to give priority to the number of assets 、 type

2. Baseline check dimension

Whether for hardware or software , Baseline verification has common dimensions , It mainly includes the following aspects ：

• Access control
• Authorization management
• Invasion prevention
• Log audit
• Resource management

（1） Access control

for example ：

• User authority management
• User password management , Rename default user , Change the default password
• Delete or deactivate unnecessary accounts , Avoid sharing accounts
• Minimum user permissions , Separation of authority
• Access control granularity , process 、 file 、 Database table
• Sensitive information security mark

（2） Authorization management

for example ：

• Each application system 、 User management of equipment （ User and authority review 、 Password management )
• Login failure handling （ Account lock 、 Timeout exit )
• The remote management link should be encrypted (https ssh rdp)
• Two factor validation

（3） Invasion prevention

for example ：

• Minimum installation principle of equipment and system
• The port service is turned off by default
• During equipment management, you need to set the allowable management range
• Vulnerability management of systems and devices
• Intrusion detection of important nodes and equipment itself

（4） Log audit

• Whether all equipment and systems are subject to safety audit
• The audit includes users 、 Time 、 Event type 、 Event success, etc
• Audit records are backed up regularly
• Protection of the audit process
• The clock of audit equipment is unified
• User behavior audit on application

（5） Resource management

• Limit the use of resources and processes by a single user
• Redundancy of important node equipment
• Monitoring of important nodes ,CPU Memory hard disk
• Service performance detection of important nodes
• When the application is idle , Automatically end the session
• The maximum number of sessions of the business system or middleware
• Single user session restrictions
• The limit of resources occupied by the process

3. Baseline check method

• Manual inspection

• Automatic system check

  advantage ： Little work , Fast

  shortcoming ： May cause unknown effects

  principle ：

  ​ & Install the agent on the target system agent , To the operating system 、 Application software is applicable , But it is not applicable to the hardware equipment of packaging molding
  ​ & Script and run , Manual or automatic operation , Collect running results
  ​ & Provide the target system account , Scan and detect by special platform