This list is a summary of all requirements from the security recommendations section. Note that the this list is meant to be a means of assistance and can be printed, for example.
Environment-related actions
Implementers of security shall...
...ensure that no Nerve interfaces are directly exposed to the internet.
Actions against system-wide threats
Implementers of security shall...
...ensure that workloads are only taken from trustworthy sources and/or analyzed for security threats.
...ensure that workloads do not accept executables or scripts as configurations.
Actions against node-related threats
Implementers of security shall...
...ensure that the credentials of the local user are changed after installation.
...ensure that each node has unique credentials.
...use state of the art measures such as training and workplace security to prevent credentials from leaking.
...ensure the integrity and security of their local workload repository, if used.
...ensure the integrity and security of their external backup server, if used.
...take adequate measures to ensure that unencrypted communication to the Nerve node's local user interface or API does not compromise system security.
...ensure that the network configuration of workloads aligns with the security concept of the system.
...ensure that the DNA files do not contain credentials.
...ensure the integrity of the DNS service in the network to which the WAN interface of the node is connected.
...ensure that resource constraint configuration is done correctly to avoid overcommitment of resources.
Implementers of security should...
...use the Nerve DNA feature with hashes for deployment of applications.
...monitor resource consumption periodically or create an alert to ensure system availability.
...test workloads for resource leaking.
Actions against Management System-related threats
Implementers of security shall...
...use state of the art measures such as training and workplace security to prevent credentials from leaking. Consider using organization-wide credential management by connecting the Nerve Management System through LDAP.
...use state of the art measures such as training and workplace security to prevent the node secure ID from leaking.
...ensure the identity of the onboarded node in their onboarding process, e.g. by adding a manual verification of the serial number to the procedure.
...protect against DoS attacks using adequate technology such as firewalls when running an on-premise Management System.
...protect against data loss by implementing an adequate backup policy when running an on-premise Management System.
...ensure a timely renewal of the certificates of the Management System when running an on-premise Management System.
Secure installation
Implementers of security shall...
...ensure physical protection against physical access to the device to avoid an unauthorized user accessing sensible data on the disk.
...ensure that physical access to the network cables is limited in order to protect the network within the machine. Whenever possible, select a secure connection to devices.
Node configuration
Implementers of security shall...
...configure only those networks on a Nerve node which are needed for operation.
...place the node behind a firewall allowing access to port 443. If workloads provide access to additional ports, the workloads should be hardened to prevent unauthorized access and the firewall configuration should be adapted.
...activate the feature to require local acknowledgement for remote access where possible.
Data Services configuration
Implementers of security shall...
...attach the Data Services gateway only to the required networks.
...activate the highest possible level of security for all inputs and outputs used.
...ensure that potential lack of security of fieldbus protocols is considered and mitigated in their security concept.
Workload configuration
Implementers of security shall...
...ensure that only personnel with sufficient know-how of security shall configure Nerve workloads.
...ensure that security implications of the Docker Compose YAML and virtual machine XML configurations are suitable for the given system.
...make use of the option to reserve and limit resources for Nerve workloads.
...configure remote access routes only in line with their security concept.
...allow remote access configuration only for users with sufficient know-how of the security concept.
Secure operation
Implementers of applications on Nerve shall...
...follow a secure life-cycle process for their applications running on Nerve.
Implementers of security shall...
...ensure that there is a process to read and act upon the security information provided by the Nerve team through the given contact address.
...create a process to verify that the version and configurations of Nerve software correspond to the desired state.
...create a process to periodically review audit logs for unexpected or unauthorized access.
Implementers of security should...
...create, deploy and sell their systems based on Nerve in a way that frequent security updates are acceptable.
Account management
Implementers of security shall...
...assign roles to users based on the concept of minimum privilege.
...assign the right to create, configure or modify workloads only to users with sufficient need and expertise.
...assign the right to create, configure or modify remote connections only to users with sufficient need and expertise.
...follow best practices for account management, e.g. review all user accounts and their permissions periodically and remove the ones which are not needed anymore.
...ensure that only those people with sufficient need and security know-how shall be able to obtain the local node credentials.
Secure disposal
Implementers of security shall...
...ensure that a process exists to securely delete or destroy all data on decommissioned systems.