Security considerations for SMC deployment

The information stored in the Security Management Center (SMC) is highly valuable to anyone conducting or planning malicious activities in your network. Someone who gains administrator rights to the Management Server can change the configurations.

An attacker can gain access by exploiting operating system weaknesses or other services running on the same computer to gain administrator rights in the operating system.

Important: Secure the Management Server computer. Anyone who has administrator rights to the operating system can potentially view and change any SMC configurations.

Consider at least the following points to secure the Management Server and Log Server:

  • Prevent any unauthorized access to the servers. Restrict access to the minimum required both physically and with operating system user accounts.
  • We recommend allowing access only to the required ports.
  • Never allow Management Client connections from insecure networks.
  • Take all necessary steps to keep the operating system secure and up to date.
  • We recommend that you do not run any third-party server software on the same computer with the SMC servers.
  • We recommend placing the servers in a separate, secure network segment without third-party servers and limited network access.

You can optionally use 256-bit encryption for the connection between the engines and the Management Server. You must also use an Internal ECDSA Certificate Authority to sign certificates for SMC communication.

When you create and use a new Internal ECDSA Certificate Authority to sign certificates for system communication, the Management Server and the engine re-establish their trust relationship. After the Management Server and the engine re-establish their trust relationship, 256-bit encryption is enabled for the connection between the engines and the Management Server.