Extreme SLX-OS Security Hardening Guide, 20.6.1
> Security Hardening Guide
Published March 2024
Search this document
Print this page
Email this page
View PDF
Previous
Next
Preface
Text Conventions
Documentation and Training
Help and Support
Send Feedback
About this document
What‘s New in this Document
Supported Hardware
Security Hardening Guide
Security Hardening Guidance Overview
Configure password policies
Administrator lockout
SSH Configuration
Disable TLS 1.1 and older
Enable authentication services
Disable unused remote authentication services
Configure IP ACLs to block services
Configure banners
Support for RSA 4096 bit SSH hostkey
Connlimit as an option for ip access-lists
Version control for TLS
Securing GNMI
Mutual authentication support for TLS
Certificate expiry alert levels and period configuration
User account expiry period configuration upon inactivity
Forcing default users password change
GRUB Bootloader Password Protection
Measured boot and Remote Attestation
Security Enhanced Linux (SE Linux)
Security Hardening Guide
