No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR500, AR510, AR531, AR550, AR1500, and AR2500 Security Hardening And Maintenance Guide

This document provides guidance for strengthening network and device security in terms of network security risks, security architecture, and security hardening policies. It also provides guidance for routine maintenance of device security in terms of the management, control, and forwarding planes.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Security Hardening Policies of the device

Security Hardening Policies of the device

Before you configure security hardening policies, learn the following principle so that you can flexibly use security hardening policies listed in this manual:

Security is a process that requires continuous improvement. Security cannot be achieved once and forever. Any attempt to achieve permanent security by relying on a single policy or a one-off security hardening configuration will fail.

Before security hardening, perform the following:

  • In-depth understanding about service requirements

    Security is always service-oriented. An appropriate security policy can be developed only after the security protection requirements of the service system are clearly understood.

  • Comprehensive risk evaluation

    Analyze the security threats faced by the service system, balance the weakness and values of the service system and the costs of security hardening, and evaluate security risks comprehensively in real time. In addition, provide prevention and protection measures for unacceptable security risks. Handle acceptable risks as outstanding risks and periodically review these risks in the life cycle of the service system to determine whether it is necessary to escalate the risks.

  • Design of security hardening solutions

    On the basis of comprehensive risk evaluation, design appropriate security hardening solutions that can meet the service requirements and bring desired benefits at a low cost. Security is ensured by design instead of configuration. Every security hardening engineer should understand this principle.

  • Security policy implementation

    Before implementing security hardening policies, evaluate the impacts brought by the security policies to services to prevent service loss caused by inappropriate security policies.

After security hardening is complete, continuous efforts must be made to monitor and maintain the service system to locate faults promptly, adjust security policies, and ensure that the security policies have taken effect as expected.

To sum up, security hardening is a process that requires continuous improvement.

Translation
Download
Updated: 2019-05-06

Document ID: EDOC1000097300

Views: 4835

Downloads: 72

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next