Achieving compliance with a security policy and maintaining compliance can be tedious. At Red Hat, we believe that such things should be automated and not become an unnecessary burden. To this end, we offer a whole ecosystem of services that automate security compliance.
We ship several widely used security policies with our products. Today, we will go over the “Essential Eight" baseline in a bit more detail.
The "Essential Eight" is a set of mitigation strategies created by the Australian Cyber Security Centre (ACSC), part of the Australian Signals Directorate (ASD) that leads the Australian Government’s efforts to improve cybersecurity.
The "Essential Eight" baseline is designed to make it much harder for adversaries to compromise systems, and Australian government organisations, businesses and individuals are recommended to adopt these essential strategies:
-
Application control, to prevent the execution of unapproved and malicious programs.
-
Patching applications, and use of the latest version of applications.
-
Configuring Microsoft Office macro settings.
-
User application hardening.
-
Restricting administrative privileges to operating systems and applications.
-
Patching operating systems, ensuring "extreme risk" vulnerabilities are patched within 48 hours.
-
Multi-factor authentication, including for VPNs, RDP, SSH and other remote access.
-
Daily backups.
The ACSC publishes a guide explaining the Essential Eight, and a separate guide outlining how the Essential Eight can be applied to Linux systems. Obviously, some of these strategies don't apply to Red Hat Enterprise Linux (RHEL), but they're worth studying up on as a good overall baseline for mitigation strategies. Let's look at some of the essential strategies that do apply to RHEL.
A critical control in the guide is "Application Control," which helps ensure that non-approved applications (including malicious code) are prevented from executing. The RHEL ACSC Essential Eight profile includes the File Access Policy Daemon (fapolicyd) to address this control. The fapolicyd software framework is supported with RHEL 8, and supports application control based on a user-defined policy.
In Linux environments, the ACSC recognises that configuring Microsoft Office macro settings is typically not applicable, and provides additional guidance on hardening Linux systems. This guidance includes applying additional forms of security policy enforcement, such as SELinux, and using the "noexec" parameter to mount partitions to which users have write access.
We’ve codified this additional guidance and included it in the ACSC Essential Eight
profile available with RHEL.
The ACSC Essential Eight profile is available in the scap-security-guide
package in RHEL 7 since 7.8 (package version 0.1.46-11.el7) and RHEL 8 since 8.2 (version 0.1.48-7.el8). The SCAP Security Guide documentation is installed with the scap-security-guide-doc
package under /usr/share/doc/scap-security-guide/guides/ssg-rhel8-guide-e8.html
.
Über den Autor
Vojtěch Polášek is a software engineer working within the security compliance subsystem in Red Hat. He studied computer networks and, later, information technology security at Masaryk University in Brno, Czech Republic.
Nach Thema durchsuchen
Automatisierung
Erfahren Sie das Neueste von der Automatisierungsplattform, die Technologien, Teams und Umgebungen verbindet
Künstliche Intelligenz
Erfahren Sie das Neueste von den Plattformen, die es Kunden ermöglichen, KI-Workloads beliebig auszuführen
Cloud Services
Mehr erfahren über Managed Cloud Services
Sicherheit
Erfahren Sie, wie wir Risiken in verschiedenen Umgebungen und Technologien reduzieren
Edge Computing
Erfahren Sie das Neueste von den Plattformen, die die Operations am Edge vereinfachen
Infrastruktur
Erfahren Sie das Neueste von der weltweit führenden Linux-Plattform für Unternehmen
Anwendungen
Entdecken Sie unsere Lösungen für komplexe Anwendungsherausforderungen
Original Shows
Interessantes von den Experten, die die Technologien in Unternehmen mitgestalten
Produkte
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Cloud-Services
- Alle Produkte anzeigen
Tools
- Training & Zertifizierung
- Eigenes Konto
- Für Entwickler
- Kundensupport
- Mehrwert von Red Hat berechnen
- Red Hat Ecosystem Catalog
- Partner finden
Testen, kaufen und verkaufen
Kommunizieren
Über Red Hat
Als weltweit größter Anbieter von Open-Source-Software-Lösungen für Unternehmen stellen wir Linux-, Cloud-, Container- und Kubernetes-Technologien bereit. Wir bieten robuste Lösungen, die es Unternehmen erleichtern, plattform- und umgebungsübergreifend zu arbeiten – vom Rechenzentrum bis zum Netzwerkrand.
Wählen Sie eine Sprache
Red Hat legal and privacy links
- Über Red Hat
- Jobs bei Red Hat
- Veranstaltungen
- Standorte
- Red Hat kontaktieren
- Red Hat Blog
- Diversität, Gleichberechtigung und Inklusion
- Cool Stuff Store
- Red Hat Summit