This user manual describes the security features of the SE server based on its operating and service concept.
For a general description of the SE Server, refer to the "Operation and Administration" manual [2].
The description of the security features of the SE server mainly refers to the level of the basic operating system M2000 at the externally accessible Management Unit (MU). The HNC and Server Unit (SU) type units are sealed off from the outside and are therefore not described in detail. Where appropriate, differences that must be observed for Application Units (AU) are discussed.
The most important general security features are mentioned below. The base systems of the SE Server units (M2000, HNC and X2000) based on SUSE Linux Enterprise Server (SLES) 12 can be described as secure and hardened for the following reasons:
Only signed software components which are absolutely essential for operation are installed.
Nonprivileged accounts are used for administration and operator access. These are equipped with clearly defined (and restricted) functions and access rights as part of a differentiated role strategy. No access to the system is possible outside this role strategy. Rights cannot be escalated; access to the
rootaccount is locked.The role and user strategies enable personalized accounts to be configured and passwords and password attributes to be managed.
The data traffic between the administration PC and Management Unit, HNC and Server Unit x86 is encrypted.
All ports which are not used are closed.
Services are started only when they are actually used.- The configuration of the base systems is based on the recommendations of the Center for Internet Security (CIS, http://www.cisecurity.org). Deviations from these recommendations result only from the functions required for operation. These deviations do not, however, lead to security holes.
In the few cases in which administration measures affect the security of the system, information and instructions on correct handling are provided under the heading Security-relevant actions.
Security-relevant aspects of BS2000 or other operating systems and applications which are operated using the systems are not examined.
Objective and target groups of this manual:
This manual is intended for security officers and administrators of an SE server. Knowledge is required of the BS2000, Linux and, where appropriate, Windows operating systems. Basic knowledge of how to operate graphical interfaces is also an advantage.