Server Hardening Resources
Device Hardening eliminates as many security risks as possible from your IT system, making your organization less vulnerable to attacks.
Device and Service Hardening using NNT’s Change Tracker is the most efficient way to achieve compliance with relevant policies, guidelines and recognized benchmarks. The Center for Internet Security is the primary industry standard for secure configuration guidance, developing comprehensive, consensus-derived checklists to help identify and mitigate known security vulnerabilities across a wide range of platforms.
Many guidelines and benchmarks covering hardened devices and services are available from various sources. NNT’s solution incorporates those from PCI DSS, NERC-CIP, NIST 800-53 / 800-171, CIS, IT Grundschutz (Germany), those based on ISO27002, and others. They can be used to audit enterprise networks and then monitor continuously for any drift from your hardened build standard, to ensure systems stay within compliance 24/7.
As one of a handful of CIS Certified Vendors, NNT has also incorporated a broad range of CIS Benchmarks to check against and provide extensive reporting. Adding to this capability, NNT also provides Windows Audit Policy settings and Linux Audit Policy settings for easier deployment of hardened devices and services. The detailed CIS Benchmarks are available from the Center for Internet Security.
* For use with NNT Change Tracker Gen7 R2
Want clarity on what you really need to be doing by way of security best practice in your organization? Left scratching your head for clearer guidance after reading the PCI DSS, NERC CIP, GDPR or any other Governance, Risk and Compliance (GRC) standard? Still confused about what you must do and should do in terms of data protection for your business, and why? NNT recommend the CIS Controls as an essential 'go to' resource for any data security and compliance professional. Our thanks to the Center for Internet Security for continuing to expand the world's understanding of cyber security best practices.
Applying the CIS Benchmarks to your infrastructure can be a daunting task. For example, the latest benchmark for Windows 10 Enterprise – dated 05-18-2021 – is a 1,287-page document covering more than 500 individual settings. If you want to check them manually, assuming you need 15 seconds for each, it will take you about 2 hours to verify a single device. Overall, the benchmark documents provided by the Center for Internet Security are detailed and difficult to operationalize.
Jumpstart this operation with a free-to-use, time-limited trial license of NNT’s Change Tracker, including 5-node coverage. This trial includes all CIS Benchmarks, such as those for Windows 10 and all other Windows desktop operating systems including XP, for all Windows Server versions (2019, 2016, 2012, and 2008), for all Linux distributions, and for many more applications, devices and cloud instances.
Request your trial license and get an overview of your systems status in less than one hour.
Read: IT security basics are being overlooked
"Recent breaches have revealed that not only are many security experts guilty of focusing on the bright shiny new products while overlooking the more mundane evolutionary upgrades of traditional defences. Of course, security threats are constantly changing – but is that a reason to ignore the first principles of IT security: assessing vulnerabilities, hardening the infrastructure, and checking for unexpected changes?"
- Disable Windows Services
- Cyber Threat Sharing Bill and Cyber Incident Response Scheme – Shouldn’t We Start with System Hardening and FIM?
- File Integrity Monitoring – Database Security Hardening Basics
- Linux Server Hardening
- Windows Server 2008 2008R2 Hardening Guide
- Server Hardening Policy - Examples and Tips
- All Device Hardening Articles