Use this procedure to enable one or more security hardening options from the following:
selinux
audit
fips
aide
TLSv1, TLSv1.1, TLSv1.2, and TLSv1.3
fapolicy
By default, fapolicy is disabled.
Procedure
Log in to the System Manager command-line interface.
Do one of the following:
To enable only one security hardening option, type securityHardeningOptions <security_hardening_option_name> enable, and press Enter.
For example, type the following command, and press Enter.
securityHardeningOptions selinux enable
To enable more than one security hardening options, type securityHardeningOptions <Comma separated_security_hardening_option_name> enable, and press Enter.
For example, type the following command, and press Enter.
System Manager takes a few minutes to complete the setting and reboots for the changes to take effect.
Note:
In Release 10.1, if System Manager was not rebooted since installation, then during the Military Grade hardening process, System Manager reboots twice for the changes to take effect.
You can check the log file /var/log/Avaya/mgmt/dodenv/securityHardeningOptions.log to get the execution status.
