The FUJITSU Server BS2000 SE Series with Management Unit, HNC and Server Unit x86 are systems which satisfy stringent security requirements. The statically implemented security of a hardened system which cannot be influenced by administration activities is involved here.
The base system of the Management Unit, HNC and Server Unit x86 is a Linux system based on SUSE Linux Enterprise Server (SLES) 11.
The base system is used exclusively to administer the systems themselves. No normal user operation with customer applications takes place.
These systems are characterized by the following features:
Only signed software components which are required for operation are installed.
The base system software which is used on the systems is supplied on a CD/DVD which contains a checksum. During installation the checksum is used to check whether all the packages on the CD are uncorrupted, i.e. their status is the same as that when they were produced.
Nonprivileged accounts are used for user access.
These accounts are equipped with clearly defined (and restricted) functions and access rights as part of a differentiated role concept.
No access to the system is possible outside of this role concept.
A rights escalation is not possible in the context of this role concept.
Access to theroot
account is locked. Rights which are required for maintenance/diagnostics or for updates by FUJITSU Customer Support are implemented by extended rights of the Service role.The role and user strategies enable personalized accounts to be configured and passwords and password attributes to be managed.
Actions which lead to configuration or status changes are logged and can be assigned to the persons who perform them.
The data traffic between administration PCs and the base system is always encrypted.
All unused network services are disabled.
Each firewall within a system restricts network access to the network ports required.
The configuration of the base systems is based on the recommendations of the Center for Internet Security (CIS, http://www.cisecurity.org).
Deviations from these recommendations occur only with functions which are required for operating the base system (e.g. a web server which provides the user interface is always active for the SE Manager in the base operating system). These deviations from the CIS recommendations do not lead to security gaps.