AHV和CVM（NCLI）的硬化说明

Hardening is the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. Reducing available ways of attack typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames or logins, and the disabling or removal of unnecessary services.<\/p>

\u00a0<\/p>

There are various methods of hardening Unix and Linux systems. This may involve, among other measures, applying a patch to the kernel such as Exec Shield or PaX; closing open network ports; and setting up intrusion-detection systems, firewalls and intrusion-prevention systems. There are also hardening scripts and tools like Lynis, Bastille Linux, JASS for Solaris systems and Apache\/PHP Hardener that can, for example, deactivate unneeded features in configuration files or perform various other protective measures.<\/p>

\u00a0<\/p>

We can implement Security Hardening features for Nutanix AHV and Controller VM:<\/p>

1. Hardening AHV: We can use Nutanix Command Line Interface (nCLI) in order to customize various configuration settings related to AHV<\/li><\/ol>

   \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\u00a0Reference Link<\/a><\/p>

   1. Hardening Controller VM: We can use Nutanix Command Line Interface (nCLI) in order to customize the various configuration settings related to CVM<\/li><\/ol>

      \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\u00a0Reference Link<\/a><\/p>

      \u00a0<\/p>

      For more details, refer to\u00a0For Security Guide<\/a><\/p>","quoteUsername":"rohan.saksena-55595","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">

      • 喜欢
      • 引用
      • 分享