The Secureframe Agent checks for the following device configuration settings:
- Hard drive encrypted
- The drive mounted as root needs to be encrypted
- The instructions will vary with the flavor of Linux being used
- Password policy
- There needs to be a PAM module with the following criteria:
- Minimum length of at least 8 - this requires a minimum password length of 8
- Minimum class of at least 3 - this requires 3 required classes of characters for new passwords. The classes are digits, upper letters, lower letters, and special characters
- More information on PAM
- There needs to be a PAM module with the following criteria:
Local firewall enabled
- Looking if Debain uncomplicated firewall (ufw) is enabled
Note:
- The Secureframe Agent does not pull native antivirus due to Linux not having a native antivirus solution.
- The Secureframe Agent does not pull screen lock information due to the data depending on the windows manager being used.