Red Hat LINUX VIRTUAL SERVER 4.7 - ADMINISTRATION Guide d'installation télécharger pdf (Page 9)

SecurityCenter generates a warning in the web interface if the license limit has been exceeded or is approaching capacity.

Contact Tenable Sales for a temporary or permanent expanded license key.

You will need to provide the hostname of the machine on which SecurityCenter will be installed. This can be obtained by

entering the “hostname” command at the shell prompt.

SecurityCenter does not support an unlicensed “demo” mode – a temporary or permanent key is required.

Once installation is complete, the initial web interface will generate an upload form to add the license key.

Disable any pop-up blockers for this interface, as they will prevent the license key upload interface from

working correctly.

Disable Default Web Servers

SecurityCenter provides its own Apache web server listening on port 443. If the installation target already has another

web server or other service listening on port 443, that service needs to be disabled on that port or SecurityCenter must be

adjusted to use a different port after installation.

Confirm what, if any, services are listening on port 443 with the following command:

# netstat -pan | grep ':443 '

Modify Firewall Settings

The default Red Hat firewall settings cause issues with SecurityCenter’s web services. To easily alleviate this, SELinux

must be either set to “Disabled” or enabled in “Permissive” mode. You can disable SELinux “Enforcing” mode using the

following steps:

1. Navigate to: /etc/selinux

2. Edit the file named “config”.

3. Change the SELINUX line from “SELINUX=enforcing” to “SELINUX=disabled” or “SELINUX=permissive”.

4. Save the file.

5. Reboot the system.

Ensure the following incoming services are permitted by the firewall rules:

 SSH (port 22)

 HTTPS (port 443 by default)

Please consult local security and best practices within your environment for the proper usage and

configuration of SELinux. SecurityCenter is known to work with SELinux in “Enforcing” mode with some

customization of the SELinux rules. However, permitted rules vary from organization to organization.

Log Rotation

The installation does not include a log rotate utility; however, the native Linux “logrotate” tool is supported post-

installation. In most Red Hat environments, logrotate is installed by default. The following logs will be rotated if the

logrotate utility is installed:

1. All files in /opt/sc4/support/logs matching *log

2. /opt/sc4/admin/logs/sc4-error.log

1 2 3 4 5 6 7 8 9 10 11 12 13 14 ... 23 24

Pas de commentaire

Red Hat LINUX VIRTUAL SERVER 4.7 - ADMINISTRATION Guide d'installation Page 9