Versions Compared

Old Version 1

changes.mady.by.user seda peker

Saved on

compared with

New Version Current

changes.mady.by.user seda peker

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Minimum Resource Requirements;

Gereksinim

Açıklama

Platform Requirement

Vmware ESXi 5.0 or above Hyper-V

Operating System

Ubuntu 20.04 LTS (Ready Template)

Processor

8 cores or above (up to 1000 devices)

Memory

16 GB or more (up to 1000 devices)

Storage

750 GB or more (up to 2500 devices)

Recommended Resource Requirements;

Gereksinim

Açıklama

Platform Requirement

Vmware ESXi 5.0 or higher Hyper-V

Operating System

Ubuntu 20.04 LTS (Ready Template)

Processor

16 cores or above (up to 2500 devices)

Memory

24 GB or more (up to 2500 devices)

Storage

750 GB or more (up to 2500 devices)

...

Sechard Container, Vulnerability and Exploit List Update Needs;

Sechard’dan İnterneteSechard to Internet

URL

Direction

Protocol / Port

Description

Module Name

Sechard ->Internet

TCP 443

It is used for container updates in Sechard.

Zero Trust Orchestrator - Security Hardening -Privilege Access Management - Operations Management - Patch Management

Sechard ->Internet

TCP 443

It is used for updates of vulnerability lists in Sechard.

Operations Management

Sechard ->Internet

TCP 443

It is used to retrieve patch information of Windows operating systems.

Patch Management

Sechard ->Internet

TCP 443

It is used for updates of exploit (MITRE) lists in Sechard.

Operations Management

Hesap Yetki GereksinimleriAccount Authorisation Requirements;

GereksinimRequirement

AçıklamaDescription

Erişim yöntemiAccess Method

Linux İşletim Sistemi Operating System - Only Audit

Sudo gurubuna üye bir A linux user / ad user who is a member of the Sudo group

SSH

Linux İşletim Sistemi Operating System - Only Audit + Remediation + RollbackRoot yetkisine sahip bir 

A linux user / ad user with root authorisation

SSH

Windows İşletim Sistemi Operating System (Domain üye member - Server / Client) - Only Audit

WinRM grubuna üye bir AD User gerekmektedir You need an AD User who is a member of the WinRM group (winrm configSDDL default - read + execute) 

WinRM (Kerberos, NTLM, Cert)

Windows İşletim Sistemi Operating System (Domain üye member - Server / Client) - Audit + Remediation + Rollback

You need an AD User who is a member of the Local Administrators grubuna üye bir AD User gerekmektedir group

WinRM (Kerberos, NTLM, Cert)

Windows İşletim Sistemi Operating System (Domain üye değil not a member - Server / Client) - Only Audit

WinRM grubuna üye bir A Local User gerekmektedir who is a member of the WinRM group is required (winrm configSDDL default - read + execute) 

WinRM (NTLM, Basic)

Windows İşletim Sistemi Operating System (Domain üye değil not member - Server / Client) - Audit + Remediation + Rollback

Local Administrators grubuna üye bir Local User gerekmektedir A Local User who is a member of the Local Administrators group is required

WinRM (NTLM, Basic)

Windows Domain Controller - Only Audit

WinRM grubuna üye bir AD User gerekmektedir You need an AD User who is a member of the WinRM group (winrm configSDDL default - read + execute) 

WinRM (Kerberos, NTLM, Cert)

Windows Domain Controller - Audit + Remediation + Rollback

You need an AD User who is a member of the Administrators / Domain Administrators grubuna üye bir AD User gerekmektedir group 

WinRM (Kerberos, NTLM, Cert)

Ağ Cihazları Network Devices - Only Audit

Monitoring, Read Only User vb. kısıtlı yetkiye sahip bir kullanıcı gerekmektedir.(switchlerde sh run çalıştırabilme yetkisi gerekmektediretc. a user with limited authorisation is required (sh run authorisation is required on switches)

SSH

Ağ Cihazları Network Devices - Audit + Remediation + Rollback

Admin, super_user, super_admin, sysadmin, vb. yetkiye sahip bir kullanıcı gerekmektediretc. A user with authorisation is required.

SSH

SQL Database - Only Audit

Aşağıda ki belirtilen maddeler haricinde serveradmin / aynı permissionlara sahip custom bir user serveradmin / a custom user with the same permissions except for the following items

2.11 Ensure SQL Server is configured to use non-standard ports (Automated)

3.3 Ensure Orphaned Users are Dropped From SQL Server Databases (Automated)

3.11 Ensure the public role in the msdb database is not granted access to SQL Agent proxies (Automated)

5.3 Ensure Login Auditing is set to failed logins (Automated)

5.4 Ensure SQL Server Audit is set to capture both failed and successful logins (Automated)

7.4 Ensure Network Encryption is Configured and Enabled (Automated)

DB Connection

SQL Database - Audit + Remediation + Rollback

sysadmin / Control Server   / aynı permissionlara sahip a custom bir user with the same permissions

DB Connection

MongoDB - Only Audit

dbAdmin

DB Connection

MongoDB - Audit + Remediation + Rollback

dbAdmin

DB Connection

Oracle Database - Only Audit

Audit_Admin, thin mode uyumlu compatible account desteklenmektedir.is supported

DB Connection

Oracle Database - Audit + Remediation + Rollback

DBA, thin mode uyumlu compatible account desteklenmektedir.is supported

DB Connection

PostgreSQL Database - Only Audit

dbuser

DB Connection

PostgreSQL Database - Audit + Remediation + Rollback

superuser

DB Connection

Other Resources - Only Audit

Monitoring, Read Only User vb. kısıtlı yetkiye sahip bir kullanıcı gerekmektedir.etc. A user with limited authorisation is required

Native Protocol

Other Resources  Audit + Remediation + Rollback

Admin, super_user, super_admin, sysadmin, root, administrator vb. yetkiye sahip bir kullanıcı gerekmektedir.etc. A user with authorisation is required

Native Protocol

How To Enable WinRM with Domain Group Policy for PowerShell Remoting

...