Server Security Management

Most applications contain sensitive data and need to be well-protected. The Computing Services Centre (CSC) aims to provide a secure environment for all applications. To achieve this, multiple layers of protection are enforced. The first layer is protected by perimeter firewall and the second layer by server farm firewall of different brands. Further to the physical network layer protection, the CSC also implements security hardening and protection in each server. Here are some measures that are applied to the server’s operating system:

• System hardening based on CIS benchmark
• Disable unused system services
• Only allow necessary traffic in local server firewall
• Signature-based anti-virus software
• Virtual patching and behaviour analysis-based software
• Enable automatic system patching by means of System Centre Configuration Manager (SCCM) for windows servers
• Enable server monitoring and alerts by means of System Centre Operations Manager (SCOM) for windows servers and Oracle Enterprise Manager for Oracle servers
• Administrators’ account password manager
• Forwarding security logs to the Security Information and Event Management (SIEM) system