What are the Hardening steps performed on PTA VMware OVF image?

26-Apr-2023 • Knowledge Article
Article Number: 000010261

The PTA (Privileged Threat Analytics) server OVF appliance image has already undergone the following hardening at the appliance operating system level.

Issue / Details

This is a high-level overview of the PTA virtual appliance server hardening actions:

* Limiting network protocols from and to the PTA server.
* Opening ports only on a need basis.
* Limiting the default iptables rules configuration.

More specifically, the following hardening steps are included as part of the PTA installation:

* Disables the firewalld and auditd services
* Configures iptables rules based on need (see all the relevant fixed and optional port usages here: https://docs.cyberark.com/ProductDoc/OnlineHelp/PAS/Latest/en/Content/PTA/PTA-Port-Usage.htm)
* Disables redirects
* Denies packets with the SRR option
* Logs packets with impossible addresses to the kernel log
* Ignores all ICMP ECHO and TIMESTAMP requests sent to it via broadcast/multicast
* Enables source validation by reverse path
* Configures TCP SYN flood protection
* Configures invalid broadcast response protection

Product: PTA
Environment: PTA Security
Related Versions: 11.3;11.4;11.5;11.6;11.7;12.0;12.1;12.2;12.6;13.0
Article Record Type: Technical Issue
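A check an administrator could run to confirm that a host's kernel network settings match the hardening items listed above. This is an added example, not CyberArk's code: the sysctl keys and expected values are assumptions that map the article's wording to standard Linux parameters, and the sample input is constructed.

```shell
#!/bin/sh
# Expected values are assumptions mapped from the article's list to standard
# Linux sysctl keys; they are not CyberArk's published configuration.
# audit_sysctl reads `sysctl -a` style lines on stdin, prints one FAIL line
# per deviation (a key absent from the input counts as "missing"), and
# returns 0 only when every key matches.
audit_sysctl() {
    awk '
    function want(k, v, why) { n++; key[n] = k; expect[k] = v; item[k] = why }
    BEGIN {
        want("net.ipv4.conf.all.accept_redirects", "0", "redirects disabled")
        want("net.ipv4.conf.all.send_redirects", "0", "redirects disabled")
        want("net.ipv4.conf.all.accept_source_route", "0", "SRR packets denied")
        want("net.ipv4.conf.all.log_martians", "1", "impossible addresses logged")
        want("net.ipv4.icmp_echo_ignore_broadcasts", "1", "broadcast ICMP ignored")
        want("net.ipv4.conf.all.rp_filter", "1", "reverse path validation, strict mode assumed")
        want("net.ipv4.tcp_syncookies", "1", "SYN flood protection")
        want("net.ipv4.icmp_ignore_bogus_error_responses", "1", "invalid broadcast responses")
    }
    {
        eq = index($0, "=")
        if (eq == 0 || $0 ~ /^[ \t]*#/) next      # skip comments and noise
        k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
        gsub(/[ \t]/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
        have[k] = v                                 # last occurrence wins
    }
    END {
        for (i = 1; i <= n; i++) {
            k = key[i]; actual = (k in have) ? have[k] : "missing"
            if (actual != expect[k]) {
                printf "FAIL %s expected=%s actual=%s (%s)\n", k, expect[k], actual, item[k]
                bad = 1
            }
        }
        exit bad + 0
    }'
}
# Constructed sample input (not taken from a PTA appliance): two deviations.
SAMPLE='net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.accept_source_route = 1
net.ipv4.conf.all.log_martians = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.tcp_syncookies = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1'
printf '%s\n' "$SAMPLE" | audit_sysctl || echo "deviations found"
# On a live host: sysctl -a 2>/dev/null | audit_sysctl
```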