Third party endpoint

asked 2018-09-16 04:50:50 -0500

updated 2018-09-16 05:01:15 -0500

Hello Folks

Do you think that having more than 10 Fedora and Red Hat systems in a network, which manage some critical services and infrastructure, needs any third-party endpoint security?

While there is some well-managed back-end support from security companies like Symantec, Kasper etc. at its core of infrastructure.

This is just to get a clear picture or scenario about third-party endpoint protection apart from vendor security support while using UNIX-like systems in a critical infrastructure.

Why I have posted this here: because I have a doubt about Network and Host Exploit Mitigation and Proactive Threat Protection while using any vendor-supplied endpoint security mechanism,

because most of the vendor-supplied endpoint security mechanisms seem to be unable to create locations and set security policies that apply by location, and unable to set restart options for clients.

Can I have any best available options and self workarounds on this?

This seems to be a discussion rather than a question.




I would start with this:

  1. having a look through the logs. Regularly.
  2. having SELinux always and forever enabled; watching SELinux logs
  3. having auditd enabled; watching audit logs
  4. Running a firewall
  5. Running any service connected to the internet (e.g. a mail or web server) with least possible permissions, maybe in a sandbox
  6. Running an intrusion detection system
genodeftest ( 2018-09-18 05:09:45 -0500 )
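
As an added example (not part of the question or the comment above), here is one way to act on the "watching SELinux logs" and "watching audit logs" items: a small Python parser that groups AVC denial records from auditd's log by source domain, target type, class and permission, and separates enforced denials from permissive ones. The sample log lines are constructed; on a real host the input would be the audit log, typically `/var/log/audit/audit.log`.

```python
import re
from collections import Counter

# Constructed sample records in the audit.log format written by auditd.
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1537265385.101:901): avc:  denied  { read } for  pid=2210 comm="httpd" name="shadow" dev="dm-0" ino=131 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1537265385.101:901): arch=c000003e syscall=2 success=no exit=-13 comm="httpd" exe="/usr/sbin/httpd"
type=AVC msg=audit(1537265390.440:907): avc:  denied  { read } for  pid=2210 comm="httpd" name="shadow" dev="dm-0" ino=131 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
type=AVC msg=audit(1537265401.002:915): avc:  denied  { name_connect } for  pid=2305 comm="smtp" dest=4444 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=1
"""

AVC_RE = re.compile(
    r'type=AVC msg=audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\): avc:\s+denied\s+'
    r'\{ (?P<perms>[^}]+) \} for\s+(?P<fields>.*)$'
)

def parse_avc(line):
    """Return a dict for an AVC denial record, or None for any other line."""
    m = AVC_RE.match(line)
    if not m:
        return None
    fields = dict(kv.split("=", 1) for kv in m["fields"].split() if "=" in kv)
    return {
        "time": float(m["ts"]),
        "perms": tuple(m["perms"].split()),
        "comm": fields.get("comm", "?").strip('"'),
        # SELinux contexts are user:role:type:level; the type is what policy rules match.
        "source": fields.get("scontext", "?:?:?").split(":")[2],
        "target": fields.get("tcontext", "?:?:?").split(":")[2],
        "tclass": fields.get("tclass", "?"),
        # permissive=1 means the access was logged but NOT blocked.
        "enforced": fields.get("permissive", "0") == "0",
    }

def summarize(log_text):
    """Count denials per (source, target, class, perms, enforced), most frequent first."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec:
            counts[(rec["source"], rec["target"], rec["tclass"], rec["perms"], rec["enforced"])] += 1
    return counts.most_common()

if __name__ == "__main__":
    for (src, tgt, cls, perms, enforced), n in summarize(SAMPLE_AUDIT_LOG):
        state = "blocked" if enforced else "permissive (logged only, not blocked)"
        print(f"{n:3d}x {src} -> {tgt}:{cls} {{{' '.join(perms)}}} {state}")
```

Denials that show up as permissive deserve the same attention as blocked ones, since the access actually succeeded.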