Manualshelf

Installation guide

ManualsBrandsRed Hat ManualsComputer equipmentLINUX VIRTUAL SERVER 4.7 - ADMINISTRATION
12345678910
6
The operating system must be configured in a secure manner to ensure that security controls cannot be
bypassed.
The network must be configured to ensure that the SecurityCenter system resides in a secure network segment
that is not accessible from the Internet.
Network time synchronization must be enabled to ensure that accurate time stamps are recorded in reports and
log files.
The time zone is set automatically during the installation process with no user interaction. If steps are required
for manual time zone configuration, please refer to the following KB article:
https://support.tenable.com/support-center/index.php?x=&mod_id=2&root=92&id=444. Important: The time
zone configured in php.ini must be synchronized with the system time zone in /etc/sysconfig/clock.
Access control mechanisms must be in place to ensure that only authorized users have access to the OS
platform.
Of particular importance is the requirement to monitor system resources to ensure that adequate disk space and memory
are available. If system resources are exhausted, there is a risk that audit data could be prevented from being logged due
to the system becoming dysfunctional. Refer to the “Troubleshooting” section of the SecurityCenter 4.7 Administration
Guide for information on how system administrators can recover the system should SecurityCenter become inoperative
due to resource exhaustion. During recovery processes, actions by the system administrator may not be logged by
SecurityCenter until sufficient resources have been made available.
The following resource provides details for secure administration of a Red Hat installation:
Even though the security concepts from this guide are written for RHEL 6, most of the concepts and
methodologies apply to earlier versions of RHEL that are supported with SecurityCenter.
Red Hat Enterprise Linux 6. Security Guide. A Guide to Securing Red Hat Enterprise Linux.
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/index.html.
As with any application, the security and reliability of the installation is dependent on the environment that
supports it. It is strongly recommended that organizations deploying SecurityCenter have an established and
applied IT management policy that covers system administration integrity, resource monitoring, physical
security, and disaster recovery.
Dependencies
Either OpenJDK or the Oracle Java JRE along with their accompanying dependencies must be installed on
the system along with any additional Java installations removed for reporting to function properly.
Although it is possible to force the installation without all required dependencies, if your version of Red Hat or
CentOS is missing certain dependencies, this will cause problems that are not readily apparent with a wide
variety of functions. Tenable’s Support team has observed different types of failure modes for SecurityCenter
when dependencies to the installation RPM are missing. If you require assistance or guidance in obtaining
these dependencies, please contact our Support team at support@tenable.com.
The following programs must be installed on the system prior to installing the SecurityCenter package. While they are not
all required by the installation RPM file, some functionality of SecurityCenter may not work properly if the packages are
not installed. The packages listed below are among those that are most often not installed by default: