Skip to main content

Appendix A: Hardening Checklist

Complete the checklist below to ensure that a Makito X Series device is in a hardened state:

Encoder/Decoder Serial NumberAsset #Location

#

Checklist Item

YesNo

The following should be checked before rebooting:



  • Has the encoder or decoder been physically installed in a secure setting?


  • Was the time and date initially set manually?


  • Have the password, session, account and cryptographic strength policies been verified?


  • Was a new initial administrator account successfully created?


  • Have all default accounts been deleted?


  • Have all non-user system accounts been locked?


  • Have all hardened service clients (SSH, HTTPS) been verified?


  • Have all insecure management interfaces and unused services been disabled?


  • Is the SNMP service available?


  • Has the SNMP service been hardened and verified?


  • Has the image snapshot feature been disabled?


  • Have the necessary certificates been installed?


  • Have network settings been configured?


  • Has an audit server been configured?


  • Has an advisory/warning banner been configured?


The following should be checked after the final reboot (Step 8):



  • Have the results of the self-test been verified?


  • Has admin access (SSH, HTTPS) been granted?


  • Does the advisory banner display upon login?


  • Are the date and time correct?


  • Are the enabled services running?


  • Is the audit (syslog) server reachable, and is it receiving records?


Hardening procedure performed by:

Date (YYYYMMDD)

Name (Please Print): 


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close