StellarOne 2.0 Hardening Guide
- 30 May 2024
- 1 Minute to read
- Print
StellarOne 2.0 Hardening Guide
- Updated on 30 May 2024
- 1 Minute to read
- Print
Article summary
Did you find this summary helpful?
Thank you for your feedback
Summary
This article gives a high-level overview of the security hardening and features implemented in StellarOne virtual appliance.
Details
Customized Kernel Environment
- StellarOne uses the Linux Kernel from Debian 11 and remove unnecessary tools/software/services to secure the environment.
Keeping Security Patches Updated
- According to TXOne Networks security policy, when StellarOne receives a CVE or ZDI vulnerability report, StellarOne will do CVSS evaluation. If the vulnerability has impacted StellarOne, StellarOne will release a critical patch or resolve it in next major release.
Changing Default Admin Password
- StellarOne has informed customer to change the default password for admin in Administration Guide.
Management Console Account Passwords
StellarOne grants access to the management console by user accounts. The built-in administrator account can create both local account or account which would be authenicated through Identiry Provider. To access the management console, each user account requires a logon password.
The management console accepts passwords that contain the following:
- 8 to 32 characters
Observe the following guidelines for creating a strong password:
- Avoid words found in the dictionary.
- Intentionally misspell words.
- Use phrases or combine words.
- Use both uppercase and lowercase letters.
- Account Role.
StellarOne has three kinds of account roles: Admin, Operator and Viewer.
- The Administrator takes full control of StellarOne.
- The Operator has asset control to manage group and policy configuration.
- The Viewer has read-only access to all management console features.
Service Addresses and Ports
- The connection between StellarOne and TXOne backend services are secured when checking information about license and patterns. In addition, to manage Stellar agents, only delegated ports used for secure communication are opened. For more information, please refer to Administration and Installation Guide.
Only Allow TLS 1.2 Connection
- StellarOne enforces TLS 1.2 or above to ensure compliance and security for data in motion.
For support assistance, please contact us at support@txone.com or your Support Provider.
Was this article helpful?