Infrastructure & Application Security - Recommendations

Backups

  • All product databases must be backed up regularly, at least once daily, to an offsite location such as Azure or an equivalent cloud location. The backup location must not be reachable from the same network or with the same credentials, to protect against malware and ransomware attacks.

Network Security

  • All VMs with the product installed must be protected by a secured firewall that allows only port 443 to the internet.
  • Only the Hybr Website VM should have port 443 open and accessible from outside (internet), via the firewall, the frontend subnet and the load balancer. No other HYBR port(s), such as RDP, should be exposed to the internet.
  • No other ports should be exposed to the outside (internet), except in the following cases:
    • Hybr using the Console Connect feature with multiple RDP gateways (Guacamole)
      • List the specific ports that must be open for this and allow those only to the respective VM IP address
  • All product APIs must be inside a secured backend subnet, behind a firewall. They must be accessible only to each other inside the secured backend subnet and from the HYBR Website VMs in the frontend subnet. No services or VMs in the backend subnet should be reachable from outside (internet).
    • The only exception is an external integration with the HYBR API or Billing API. In these cases, enable access via the external-facing load balancer and firewall to ONLY the specific remote IP address and specific ports that need access to these service APIs.
  • SQL Server VM(s) must be behind a secured firewall in the backend subnet.
    • Under NO circumstances should ANY SQL VM ports be reachable from outside (internet). When reviewing firewall rules, give special consideration to explicitly DENYING ALL ACCESS to the SQL Server VM IP address from the internet.
    • Only specific IP addresses from the frontend subnet (the HYBR Website VMs) and specific IP addresses from the backend subnet (other services and APIs) should be allowed, and ONLY to the SQL Server port, TCP 1433.
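
The rules above can be checked mechanically against an exported list of inbound allow rules. The following is an added example, not part of the original recommendations or of the product: the subnets, VM addresses and rule names are constructed placeholders, and the Console Connect gateway ports are deployment-specific and not modelled.

```python
import ipaddress

# Constructed addressing plan (assumptions, not taken from the page).
FRONTEND = ipaddress.ip_network("10.0.1.0/24")
BACKEND = ipaddress.ip_network("10.0.2.0/24")
WEBSITE_VMS = {ipaddress.ip_address("10.0.1.10")}
SQL_VMS = {ipaddress.ip_address("10.0.2.20")}

# Constructed inbound ALLOW rules: (name, source CIDR, destination IP, TCP port).
SAMPLE_RULES = [
    ("web-https", "0.0.0.0/0", "10.0.1.10", 443),
    ("web-rdp", "0.0.0.0/0", "10.0.1.10", 3389),
    ("sql-from-web", "10.0.1.10/32", "10.0.2.20", 1433),
    ("sql-from-frontend", "10.0.1.0/24", "10.0.2.20", 1433),
    ("sql-public", "0.0.0.0/0", "10.0.2.20", 1433),
    ("api-partner", "203.0.113.7/32", "10.0.2.30", 443),
    ("api-open", "0.0.0.0/0", "10.0.2.30", 443),
]

def audit(rules):
    """Return (rule name, reason) for every allow rule that breaks the policy."""
    findings = []
    for name, src, dst, port in rules:
        src_net = ipaddress.ip_network(src)
        dst_ip = ipaddress.ip_address(dst)
        internal = src_net.subnet_of(FRONTEND) or src_net.subnet_of(BACKEND)
        single_host = src_net.prefixlen == src_net.max_prefixlen
        if dst_ip in SQL_VMS:
            if not internal:
                findings.append((name, "SQL Server VM reachable from outside"))
            elif not single_host:
                findings.append((name, "SQL source must be a specific IP"))
            elif port != 1433:
                findings.append((name, "only TCP 1433 is allowed to SQL Server"))
        elif dst_ip in BACKEND:
            # External integration exception: one specific remote IP only.
            if not internal and not single_host:
                findings.append((name, "backend API open to a non-specific source"))
        elif not internal:
            # Internet-facing traffic: only 443 to the website VMs.
            if dst_ip not in WEBSITE_VMS or port != 443:
                findings.append((name, "only 443 to the website VM may be public"))
    return findings

if __name__ == "__main__":
    for rule_name, reason in audit(SAMPLE_RULES):
        print(f"{rule_name}: {reason}")
```
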

Secured Configuration

  • All APIs must be configured to use ONLY HTTPS
  • All web.config and application configuration settings must be encrypted
  • All secured settings stored in the database must be encrypted

Monitoring

  • Set up alerts for critical infrastructure and services, such as:
    • Disk free capacity for VMs and SQL Server data
    • Windows Service status
    • IIS website status for all web applications and APIs

SQL Server DB Maintenance

  • Ensure scheduled tasks exist for controlling log file growth, in conjunction with backup tasks
  • Periodically review SQL Server disk free capacity and performance optimizations, such as using SSD disks
  • Cloud Assert database and log files need to be stored on a non-system drive
  • Failover cluster:
    • SQL Server Failover Clustering must be configured for all production workloads, and proper monitoring must be configured to take the required action(s) when there is a failover