FOXMAN-UN R18 RHEL9 Hardened Installation
Purpose
Hardening Procedure
Step 2* - Deviation from the standard OS installation
Deviation from the standard CIS Red Hat Enterprise Linux 9 Benchmark for Level 2 - Server profile
Step 3: Load and apply hardening profile
Update OS to the RHEL 9.6 release
Predefined customization CIS profile and OpenScap installation
OpenScap hardening
FOXMAN-UN Client-Server Setup in a Secure Network - Application Note
Preface and Introduction
Mitigation
FOXMAN-UN Client on Windows Server Deployment
FOXMAN-UN on Linux Core Deployment
FOXMAN-UN Integration with Active Directory (AD) - Application Note
Introduction
Integration Steps
Annex
Associated Documents
FreeRADIUS Integration with FOXMAN-UN - Application Note
Purpose and Scope
Configure FOXMAN-UN
Configure PAM for RADIUS authentication module on FOXMAN-UN server
FOXMAN-UN SNMP Southbound Interface - Application Note
Purpose and Scope
FOXMAN-UN SNMP Southbound Interface
General
Device Identification
Security
Supported Equipment
ENTITY MIB (RFC 4133)
ALARM MIB (RFC 3877)
AlarmActiveLastChanged
Manager Cross-launch for Supported Equipment
General
Cross-launch Entry in the crosslaunch.properties
Creating new Entries in crosslaunch.properties
Telnet/SSH
References
Higher Layer Manager (HLM) SNMPv3 Integration - Application Note
Purpose and basic description
Architecture
The FOXMAN-UN proxy agent
SNMPv3 (default setup)
Configuration setup
Create an additional user
Get all alarms as traps
FOXMAN-UN E-Tree Application Scenarios - Application Note
Introduction
Supported Basic Topologies
E-tree Topologies
E-Tree with single Root
E-Tree with double Root and PE Dual Home
E-Tree with double Root and Broadcast
E-Tree with double Root and Root-Root connection
NE Type selection
E-Tree creation wizard
Create E-Tree with single Root
Create E-Tree with double Root and PE Dual Home
Create E-Tree with double Root and Broadcast
Create E-Tree with double Root and Root-Root connection
FOXMAN-UN - Main/Standby Solution- Application Note
Executive Summary
Initial Situation
Concept
Operation Modes
Terms and Abbreviations
Server States
Normal operation (Main Server running / Standby Server standby)
Main Server breakdown
Connection loss of Main to Standby Server
Exceptional operation (Main Server not running / Standby Server running)
Back to normal operation
Alarms and Events
Alarm and Event Types
Clearance of Alarms
Components
Seamless Integration with FOXMAN-UN
NEM Remote Admin Tool
NEM Login Window
NEM Host Manager
NEM Desktop
NEM Alarm and Event List
FOXMAN-UN in Firewalled Environment - Application Note
Purpose and Scope
General
FOXMAN-UN Components
FOXMAN-UN Core component
FOXMAN-UN Element Agent (EA)
FOXMAN-UN Client
Inter-Processes Communication between FOXMAN-UN Components
Internal Behavior
Fixed TCP Ports
FOXMAN-UN Server - FOX61x Communication
DIRAC to FOX61x Encryption Unit Communication
FOXMAN-UN Server - FOX51x Communication
FOXMAN-UN Main - Standby Server Communication
FOXMAN-UN Firewall Configuration File: firewall.conf
firewall.conf
Adapting Core Server Range
Proposed Basic Configuration
GUI Client Port Ranges
Linux Settings
Firewall Settings
Firewalld Setup
Summary
Annex
List of Open Ports on FOXMAN-UN Server
FOXMAN-UN Role-based Access Control - Application Note
Introduction
Roles
Permissions
Restrictions
Enhanced authorization filter
Annex
Associated Documents
FOXMAN-UN Tag Management - Application Note
Introduction
Tag management feature
Annex
Associated Documents
Usage of Syslog with FOXMAN-UN - Application Note
Purpose and Scope
General
Concept
Syslog Setup
FOXMAN-UN Metrics Database - Application Note
Introduction
Requirements
Launching
Opening the Metrics Database
Data Export
Limitations
Troubleshooting
Language Pack - Principles and Installation
Preface
Introduction
Language Pack Details
Language Pack Installation
Core Details
Client Details
FOXMAN-UN - DIRAC Certificates Recreation
Preface & Introduction
Certificates
Certification Authority
Server
CLI
NEM
GRPC
Alarming
Certificates to update
Generate new certificates
Backup of current certificates and cleanup of folder
Updating certificates
Server keystore & truststore generation
CLI certificate generation
NEM certificate generation
Making NEM aware of new certificates
Restart components and test
FOXMAN-UN R18 RHEL9 Hardened Installation
Hardening Procedure
Deviation from the standard CIS Red Hat Enterprise Linux 9 Benchmark for Level 2 - Server profile
Step 3: Load and apply hardening profile
Update OS to the RHEL 9.6 release
Predefined customization CIS profile and OpenScap installation
OpenScap hardening
FOXMAN-UN Client-Server Setup in a Secure Network - Application Note
Mitigation
FOXMAN-UN Client on Windows Server Deployment
FOXMAN-UN on Linux Core Deployment
FOXMAN-UN Integration with Active Directory (AD) - Application Note
Integration Steps
Annex
FreeRADIUS Integration with FOXMAN-UN - Application Note
Configure FOXMAN-UN
Configure PAM for RADIUS authentication module on FOXMAN-UN server
FOXMAN-UN SNMP Southbound Interface - Application Note
FOXMAN-UN SNMP Southbound Interface
Device Identification
Security
Supported Equipment
ENTITY MIB (RFC 4133)
ALARM MIB (RFC 3877)
AlarmActiveLastChanged
Manager Cross-launch for Supported Equipment
Cross-launch Entry in the crosslaunch.properties
Creating new Entries in crosslaunch.properties
Telnet/SSH
References
Higher Layer Manager (HLM) SNMPv3 Integration - Application Note
Architecture
The FOXMAN-UN proxy agent
SNMPv3 (default setup)
Configuration setup
Create an additional user
Get all alarms as traps
FOXMAN-UN E-Tree Application Scenarios - Application Note
Supported Basic Topologies
E-tree Topologies
E-Tree with double Root and PE Dual Home
E-Tree with double Root and Broadcast
E-Tree with double Root and Root-Root connection
NE Type selection
E-Tree creation wizard
Create E-Tree with single Root
Create E-Tree with double Root and PE Dual Home
Create E-Tree with double Root and Broadcast
Create E-Tree with double Root and Root-Root connection
FOXMAN-UN - Main/Standby Solution- Application Note
Initial Situation
Concept
Operation Modes
Server States
Normal operation (Main Server running / Standby Server standby)
Main Server breakdown
Connection loss of Main to Standby Server
Exceptional operation (Main Server not running / Standby Server running)
Back to normal operation
Alarms and Events
Clearance of Alarms
Components
Seamless Integration with FOXMAN-UN
NEM Remote Admin Tool
NEM Login Window
NEM Host Manager
NEM Desktop
NEM Alarm and Event List
FOXMAN-UN in Firewalled Environment - Application Note
FOXMAN-UN Components
FOXMAN-UN Core component
FOXMAN-UN Element Agent (EA)
FOXMAN-UN Client
Inter-Processes Communication between FOXMAN-UN Components
Internal Behavior
Fixed TCP Ports
FOXMAN-UN Server - FOX61x Communication
DIRAC to FOX61x Encryption Unit Communication
FOXMAN-UN Server - FOX51x Communication
FOXMAN-UN Main - Standby Server Communication
FOXMAN-UN Firewall Configuration File: firewall.conf
Adapting Core Server Range
Proposed Basic Configuration
GUI Client Port Ranges
Linux Settings
Firewall Settings
Firewalld Setup
Summary
Annex
FOXMAN-UN Role-based Access Control - Application Note
Roles
Permissions
Restrictions
Enhanced authorization filter
Annex
FOXMAN-UN Tag Management - Application Note
Tag management feature
Annex
Usage of Syslog with FOXMAN-UN - Application Note
Concept
Syslog Setup
FOXMAN-UN Metrics Database - Application Note
Requirements
Launching
Opening the Metrics Database
Data Export
Limitations
Troubleshooting
Language Pack - Principles and Installation
Introduction
Language Pack Details
Language Pack Installation
Core Details
Client Details
FOXMAN-UN - DIRAC Certificates Recreation
Certificates
Certification Authority
Server
CLI
NEM
GRPC
Alarming
Certificates to update
Generate new certificates
Backup of current certificates and cleanup of folder
Updating certificates
Server keystore & truststore generation
CLI certificate generation
NEM certificate generation
Making NEM aware of new certificates
Restart components and test