LEM security checklists: Ensure that only authorized users can access LEM

Complete the following tasks to help prevent unauthorized users from accessing LEM.

General security tasks

Read the Log & Event Manager Appliance Security and Data Protection blog post on THWACK.

Secure the LEM Manager and the LEM consoles

Run the activate command from the CMC command line.

Run this command to export the SSL certificate that ensures secure communications between the LEM desktop console and the LEM Manager.

See Run the activate command to secure LEM and configure network settings for steps.

Set the minimum password requirements for local LEM user accounts.

See Set the global password policy for LEM users for steps.

Restrict the filters that Monitor role users can access.

See Specify the filters that users assigned the Monitor role can use in the LEM console for steps.

Secure the CMC command-line interface

Change the default CMC password.

See Change the LEM CMC password for steps.

Restrict SSH access to the CMC command-line interface.

(Optional) This procedure blacklists everyone from logging in to the CMC interface except those users who connect from an explicitly allowed IP address or host name.

See Restrict SSH access to the LEM CMC interface for steps.

Secure the LEM reports application

Secure the LEM reports application.

See Restrict access to the LEM reports application for steps.

Enable transport layer security (TLS) between the LEM reports application and the LEM database.

(Optional) The Transport Layer Security (TLS) option introduces an extra level of security for data transfers between a LEM database and the Reports application.

See Enable transport layer security (TLS) in the LEM reports application for steps.