Use > Hardening > Introduction to Hardening > Hardening Overview

Hardening Overview

This section introduces the concept of a secure Universal CMDB application and discusses the planning and architecture required to implement security. It is highly recommended that you read this section before proceeding to the hardening discussion in the following sections.

Universal CMDB is designed so that it can be part of a secure architecture, and can therefore meet the challenge of dealing with the security threats to which it might be exposed.

The hardening guidelines deal with the configuration required to implement a more secure (hardened) Universal CMDB.

The hardening information provided is intended primarily for Universal CMDB administrators who should familiarize themselves with the hardening settings and recommendations prior to beginning the hardening procedures.

It is highly recommended that you use a reverse proxy with Universal CMDB to achieve a secure architecture. For details on configuring a reverse proxy for use with Universal CMDB, see Using a Reverse Proxy.

If you must use another type of secure architecture with Universal CMDB other than described in this document, contact Support to determine which architecture is the best one for you to use.

For details on hardening the Data Flow Probe, see Data Flow Probe Hardening.

Note  

  • The hardening procedures are based on the assumption that you are implementing only the instructions provided in these sections, and that you are not performing other hardening steps documented elsewhere.

  • Where the hardening procedures focus on a particular distributed architecture, this does not imply that this is the best architecture to fit your organization’s needs.
  • It is assumed that the procedures included in the following sections are to be performed on machines dedicated to Universal CMDB. Using the machines for other purposes in addition to Universal CMDB may yield problematic results.
  • The hardening information provided in this section is not intended as a guide to making a security risk assessment for your computerized systems.