FireEye – Binary analysis AV-suite is enabled Details With AV-Suite integration, each infection binary is submitted by the Web MPS to the AV-Suite detection and comparison tool...
FireEye – Boot image must be signed Details Only boot images signed with a trusted signature should be allowed, otherwise the appliance may run malicious or unknown...
FireEye – Boot manager password is set Details Management of boot images should be protected by a strong password. Solution Edit the configuration and add this line:...
FireEye – CLI commands do not hide any settings from administrators Details Administrators should be aware of all possible settings on the device so they can protect it effectively. By default...
FireEye – LDAP encryption certificates are verified Details If SSL or TLS encryption is used for LDAP communication then the certificate should be verified to provide assurance...
FireEye – LDAP requires encryption Details By default, communications with the LDAP or Active Directory server are unencrypted, leaving credentials visible on the network. Solution...
FireEye – List patches Details The list of patches should be reviewed. This security hardening control applies to the following category of controls within...
FireEye – Local logging level includes all errors and warnings Details Logs should include message levels of ‘notice’ and above. Higher levels such as ‘crit’ and ‘err’ do not include...
FireEye – Local logging level is not overridden except by defaults Details Logs should include message levels of ‘notice’ and above. By default, two event classes are overridden with a priority...
FireEye – Local logging retention configuration Details Log retention should be reviewed to ensure logs are available to troubleshoot issues and investigate incidents. FireEye can rotate...