cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Looking to upgrade from Dynatrace Managed to SaaS? See how

What host hardening does Dynatrace Managed Server install perform?

krokkas
Helper

What additional hardening is performed by the SELinux component of the Dynatrace Managed Server install. Can you provide a list that can be sent to our Security team, as it may be that default hardening as part of the install meets security requirements.

5 REPLIES 5

Radoslaw_Szulgo
Inactive

The following system files and directories can be modified during installation of Dynatrace Managed:


/etc/hosts
/etc/sysctl.conf
/etc/pam.d/su
/etc/rc.local
/etc/security/limits.conf
/etc/security/limits.d/90-nproc.conf
/etc/sudoers
/etc/sudoers.d/
/etc/init.d/
/etc/init.d/rc*.d/
/etc/systemd/system/

Additionally, we need to configure firewall settings as stated here:

https://help.dynatrace.com/dynatrace-managed/dynat...

You may also have a look here:

/opt/dtrun/dtrun.conf 

to see what scripts are executed that may modify a system.

Hope that helps! If you have more questions, feel free to ask.

Senior Product Manager,
Dynatrace Managed expert

monika_zyra
Inactive

There is no separated component like SELinux of Dynatrace Managed Server install. The general requirements that must be met before installation are listed here:

https://help.dynatrace.com/dynatrace-managed/dynatrace-server/how-do-i-install-dynatrace-server/

krokkas
Helper

@Radoslaw S. @Monika A. Apologies, this was meant to be instance hardening performed by the OneAgent install. I can open a new forum question if appropriate.

monika_zyra
Inactive

OneAgent installation is described here:

https://help.dynatrace.com/get-started/installation/how-do-i-install-dynatrace-oneagent/

krokkas
Helper

@Monika A. Thank you, will investigate further and get back to you.

Featured Posts