Network Security/Server Hardening

This section highlights network security and server hardening practices in the context of an AssistEdge deployment. It is assumed that additional security policies, based on customer policies, will be deployed for network security.

 

  1. It is recommended to use standard ports, such as 443 for HTTPS and 80 for HTTP, when configuring the server/software components. The product ships with configurable port numbers for the inter- and intra-component communication needed to run the software. It is recommended to review these port numbers and change them based on customer policies.
  2. Security hardening of proxy, web, and app servers should include, but is not limited to: disabling directory browsing, request filtering to disable the TRACE method, and configuring error pages so that they do not display sensitive details such as the server version, local file paths, etc.
  3. Ensure that additional best practices, such as restricting incoming traffic to known IPs, firewall rules that disable unused ports/services, and logging, are adequately deployed to prevent security-related incidents.
  4. Make sure network-level firewall rules are in place to restrict any outbound data flow to the open Internet during robot process execution. If access to the open Internet is needed, set up rules that allow access only to specified URLs/port numbers through local and network firewall rules and forward proxy configurations.
  5. Strong antivirus software must be used to prevent malicious files from being executed on the server.
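
One way to verify the hardening listed in item 2 is to audit recorded HTTP responses from a proxy, web, or app server for the three conditions it names. The following is an added example, not part of the AssistEdge product or its documentation; the response-record format, the regex heuristics, and names such as `audit` and `ExampleServer` are assumptions made for illustration.

```python
import re

# Patterns are heuristics chosen for this example, not an exhaustive list.
DIR_LISTING = re.compile(r"<title>\s*(Index of /|Directory Listing|[\w.-]+ - /)", re.I)
VERSION = re.compile(r"\d+\.\d+")
LOCAL_PATH = re.compile(r"[A-Za-z]:\\[\w\\.-]+|/(?:var|usr|opt|home|etc)/[\w/.-]+")
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version")

def audit(responses):
    """Return (check, detail) findings for a list of recorded HTTP responses."""
    findings = []
    for r in responses:
        where = f'{r["method"]} {r["path"]}'
        headers = {k.lower(): v for k, v in r["headers"].items()}
        body = r.get("body", "")
        # Item 2: TRACE must be rejected by request filtering.
        if r["method"] == "TRACE" and r["status"] < 400:
            findings.append(("trace-enabled", where))
        # Item 2: a successful GET must not return a generated directory index.
        if r["method"] == "GET" and r["status"] == 200 and DIR_LISTING.search(body):
            findings.append(("directory-browsing", where))
        # Item 2: banner headers must not reveal a version number.
        for name in BANNER_HEADERS:
            if VERSION.search(headers.get(name, "")):
                findings.append(("version-in-header", f"{where}: {name}: {headers[name]}"))
        # Item 2: error pages must not reveal local file paths.
        if r["status"] >= 400:
            m = LOCAL_PATH.search(body)
            if m:
                findings.append(("path-in-error-page", f"{where}: {m.group(0)}"))
    return findings

# Constructed sample responses (not captured from a real deployment).
SAMPLE = [
    {"method": "TRACE", "path": "/", "status": 200,
     "headers": {"Content-Type": "message/http"}, "body": "TRACE / HTTP/1.1"},
    {"method": "GET", "path": "/logs/", "status": 200,
     "headers": {"Server": "ExampleServer/1.2.3"},
     "body": "<html><head><title>Index of /logs</title></head></html>"},
    {"method": "GET", "path": "/missing", "status": 500,
     "headers": {"Server": "ExampleServer"},
     "body": "Error in C:\\inetpub\\wwwroot\\app\\web.config line 12"},
    {"method": "TRACE", "path": "/", "status": 405,
     "headers": {"Server": "ExampleServer"}, "body": "Method Not Allowed"},
]

if __name__ == "__main__":
    for check, detail in audit(SAMPLE):
        print(f"{check}: {detail}")
```

The last sample record shows the hardened outcome for TRACE (rejected with 405, no version in the banner) and produces no findings.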