Sentinel has undergone security hardening before being released. This section describes this hardening.
All unnecessary ports are turned off.
Whenever possible, a service port listens only for local connections and does not allow remote connections.
Files are installed with the least privileges so that the least number of users can read the files.
Default passwords are not used.
Reports against the database are run as a user that only has select permissions on the database.
All Web interfaces require HTTPS.
A vulnerability scan was performed against the application and all potential security problems were addressed.
All communication over the network uses SSL by default and is configured to require authentication.
User account passwords are encrypted by default when they are stored on the file system or in the database.
In addition to the points mentioned in Sentinel Application, the appliance has undergone the following additional hardening.
Only the minimally required packages are installed.
Default passwords for the appliance operating system and the control center are not used.
The firewall is enabled by default and all unnecessary ports are closed in the firewall configuration.
A vulnerability scan was performed against the appliance and all potential security problems were addressed.
Sentinel is automatically configured to monitor the local operating systems syslog messages for audit purposes.