Hardening the base system

The Fujitsu Server BS2000 SE Series with Management Unit, HNC and Server Unit x86 are systems which satisfy stringent security requirements. This refers to the statically implemented security of a hardened system, which cannot be influenced by administration activities.

The base system of the Management Unit, HNC and Server Unit x86 is a Linux system based on SUSE Linux Enterprise Server (SLES) 15.

The base system is used exclusively to administer the systems themselves. No normal user operation with customer applications takes place.


These systems are characterized by the following features:

  • Only signed software components which are required for operation are installed.

  • The base system software used on the systems is supplied on a CD/DVD which contains a checksum. During installation, the checksum is used to check that all packages on the CD are uncorrupted, i.e. that they are in the same state as when they were produced.

  • Nonprivileged accounts are used for user access.

  • These accounts are equipped with clearly defined (and restricted) functions and access rights as part of a differentiated role concept.

  • No access to the system is possible outside of this role concept.

  • Privilege escalation is not possible within this role concept.
    Access to the root account is locked. Rights which are required for maintenance/diagnostics or for updates by Fujitsu Customer Support are implemented by extended rights of the Service role.

  • The role and user strategies enable personalized accounts to be configured and passwords and password attributes to be managed.

  • Actions which lead to configuration or status changes are logged and can be assigned to the persons who perform them.
  • The data traffic between administration PCs and the base system is always encrypted.
  • All unused network services are disabled.
  • Each firewall within a system restricts network access to the network ports required.

The configuration of the base systems is based on the recommendations of the Center for Internet Security (CIS, http://www.cisecurity.org).
Deviations from these recommendations occur only for functions which are required for operating the base system (e.g. a web server which provides the user interface is always active for the SE Manager in the base operating system). These deviations from the CIS recommendations do not lead to security gaps.

The base systems of the SE servers are regularly examined by Fujitsu for potentially security-relevant vulnerabilities. In particular, the security advisories and notices published by the Fujitsu PSIRT (Product Security Incident Response Team) and the results of security scans are taken into account. The potential vulnerabilities are evaluated in light of the hardening and the deployment scenarios of the SE appliances and, depending on their risk potential, are remedied as required as part of the update process for the SE systems.

In principle, an SE infrastructure is always IT-Grundschutz certifiable according to the rules issued by the BSI (Bundesamt für Sicherheit in der Informationstechnik) and can therefore also be part of environments that must be operated in a KRITIS-compliant manner (critical infrastructure).

  • The system components are largely preconfigured on delivery or can be configured as part of the actual construction of an SE infrastructure in such a way that the technical requirements resulting from the relevant system components of the IT-Grundschutz compendium are met.
  • With its properties, an SE infrastructure thus also fundamentally supports the implementation of requirements resulting from relevant process building blocks of the IT-Grundschutz compendium.
  • However, the internal network architecture of an SE infrastructure does not itself contain a P-A-P structure (Packet filter – Application Layer Gateway – Packet filter) and does not provide a DMZ (demilitarized zone) concept.
    • An SE infrastructure deliberately does not represent a "data center in a box" concept, but it does fit seamlessly into BSI IT-Grundschutz-compliant data center network architectures.
    • In its basic configuration, an SE infrastructure presents itself to the data center network as a simple "compute node".
    • Optionally, however, an SE infrastructure can also implement several virtual network segments using the internal network within the data center network. The Net Unit then represents a "top-of-rack switch".