Hardening
Hardening is the process of securing the infrastructure against attacks by reducing the attack surface, thus eliminating as many risks as possible.
One of the primary measures in hardening involves removing all non-essential software programs and utilities from the deployed Veeam components. While these components may offer useful features to the administrator, and provide additional access to the system should be removed during the hardening process.
Creating visibility into the infrastructure is also a key aspect of hardening. Ensuring that you can detect when an attack may occur, is occurring, or has taken place, and saving logs and traces for law-enforcement and security specialists when needed, is crucial.
To complicate matters for attackers and slow them down, name your backup infrastructure servers using non-backup-related names. Avoid names containing acronyms like “bkp”, “vb365”, “m365” or anything that could make it easier for an attacker to identify the backup infrastructure components. The more time it takes to identify assets, the greater the chances for a honeypot to work.
In addition to all the principles and rules mentioned above, hardening involves the following detailed operations:
- Segmentation
- Attack surface reduction
- Windows management considerations
- Repository hardening specifications.