Implementation Guide › Installing CA Enterprise Log Manager › Initial CA Enterprise Log Manager Server Configurations › OS Hardening

OS Hardening

The CA Enterprise Log Manager soft appliance contains a streamlined and hardened copy of the Red Hat Linux operating system. The following hardening techniques apply:

• Access to SSH as the root user is disabled.
• Use of the Ctrl-Alt-Del key sequence to reboot the server from the console without logging in is disabled.
• Redirections are applied in iptables for the following ports:
  • TCP Port 80 and 443 are redirected to 5250
  • UDP port 514 is redirected to 40514
• The GRUB package is password-protected.
• Installation adds the following low-privilege users:
  • caelmadmin - an operating system account with login rights to the CA Enterprise Log Manager server console
  • caelmservice - service account under which the iGateway and Agent processes run; you cannot login directly using this account