Skip to main content

Appendix A: Hardening Checklist

Complete the checklist below to ensure that a Makito X Series device is in a hardened state:

Encoder/Decoder Serial Number

Asset #

Location

#

Checklist Item

Yes

No

The following should be checked before rebooting:

  • Has the encoder or decoder been physically installed in a secure setting?

  • Was the time and date initially set manually?

  • Have the password, session, account and cryptographic strength policies been verified?

  • Was a new initial administrator account successfully created?

  • Have all default accounts been deleted?

  • Have all non-user system accounts been locked?

  • Have all hardened service clients (SSH, HTTPS) been verified?

  • Have all insecure management interfaces and unused services been disabled?

  • Is the SNMP service available?

  • Has the SNMP service been hardened and verified?

  • Has the image snapshot feature been disabled?

  • Have the necessary certificates been installed?

  • Have network settings been configured?

  • Has an audit server been configured?

  • Has an advisory/warning banner been configured?

The following should be checked after the final reboot (Step 8):

  • Have the results of the self-test been verified?

  • Has admin access (SSH, HTTPS) been granted?

  • Does the advisory banner display upon login?

  • Are the date and time correct?

  • Are the enabled services running?

  • Is the audit (syslog) server reachable, and is it receiving records?

Hardening procedure performed by:

Date (YYYYMMDD)

Name (Please Print): 

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close