Minimum System Requirements;
Requirement | Description |
Platform | Vmware ESXi 5.0+, Hyper-V |
Operating System | Centos 7 (OVF Template), Ubuntu 20.04 LTS (OVF Template) |
CPU | 8 cores (up to 1000 resources) |
Memory | 16 GB (up to 1000 resources) |
Disk Space | 750 GB or more (up to 2500 resources) |
Recommended System Requirements;
Requirement | Description |
Platform | Vmware ESXi 5.0+, Hyper-V |
Operating System | Centos 7 (OVF Template) |
CPU | 16 cores or more (up to 2500 resources) |
Memory | 24 GB or more (up to 2500 resources) |
Disk Space | 750 GB or more (up to 2500 resources) |
Port Requirements
From SecHard to Resources | ||
Port | Protocol | Description |
22(SSH) | TCP | SSH connection to network devices and Linux OS |
23(Telnet) | TCP | Telnet connection to network devices |
25(SMTP) | TCP | SMTP connection to e-mail server |
53(DNS) | UDP | DNS queries to DNS server |
88(Kerberos) | UDP | Kerberos authentication for Windows Servers |
123(NTP) | UDP | NTP connection for time synchronization |
161(SNMP) | UDP | SNMP connection to get information from network devices and notification |
162(SNMP-Trap) | UDP | SNMP connection to get information from network devices and notification |
389(LDAP) | TCP | Used for AD and TACACS+ |
636(LDAPS) | TCP | Used for AD and TACACS+ |
3389(RDP) | TCP | RDP connection to Windows servers |
5985(WinRM) | TCP | WinRM connection to remotely control Windows systems |
5986(WinRM) | TCP | WinRM connection to remotely control Windows systems |
9100(Node_Exporter) | TCP | Monitoring Linux OS |
9182(WMI_Exporter) | TCP | Monitoring Windows OS |
Ping (echo) | ICMP | ICMP connection to check systems availability |
...
From SecHard to Internet |
| ||
URL | Direction | Protokol / Port | Description |
Sechard ->Internet | TCP 443 | SecHard version upgrades | |
Sechard ->Internet | TCP 443 | Vulnerability lists updates | |
https://cve.mitre.org/data/refs/refmap/source-EXPLOIT-DB.html | Sechard ->Internet | TCP 443 | The exploit (MITRE) lists updates |
Account Authorization Requirements;
Requirement | Description |
Linux OS | If Remediation / Rollback will be applied on Linux servers, an account with root ( /etc/sudoers ) authority is required. |
Windows OS (Domain member) | If Remediation / Rollback will be implemented on the Windows Server / Client side, an AD User who is a member of the Local Administrators group is required (AD User is mandatory for Kerberos Auth.) |
Windows OS(Domain not member) | If Remediation / Rollback will be applied on the Windows Server / Client side, a Local User member of the Local Administrators group is required (Local User is used for Basic Auth.) |
Network Devices | If Remediation / Rollback will be applied on Switch, Router, Firewall, Wireless Controller, Load Balancer devices, Priv 15 (Config Mode), admin, super_user etc. A user with authorization is required. |
Application | Applications require a User who is a member of the Administrators group. |
SQL Database | If SQL Database Remediation/Rollback are to be applied, the 'sysadmin' role is recommended. If it's just for auditing, the 'serveradmin' role is recommended. |