Red Hat Enterprise Linux (RHEL) single point of presence
 

Hi, I have never seen this before but an RFQ I was looking at had this as a requirement for the system:

The LAN networked unit shall have a Red Hat Enterprise Linux (RHEL) single point of presence. (Meaning only the RHEL Operating System (OS) shall be visible on the network.)

Have you ever seen this before? I don't quite understand what they are trying to say. Yes, I have asked but have not received a response.

Thanks for any clarification/input

Dave

Where the access coming from? If they're not confident that the modem or router is secure, they may want you to subnet off the rhel box. that will provide an extra layer of protection to hack before they get at the network boxes.

Many times; sounds like typical RFQ language. Basically they're saying that only the one RHEL should be visible on the network, and any other boxes/devices that work with that system should NOT be visible, at all.

Trying to limit attack vectors is a good first step for system security.

Thanks. I am not sure how you would go about making it so that only RHEL systems are visible on the network? Can you point me to some literature or give me any clues?

Thanks!
Dave

Q
 

Basic firewalls. Either hardware or software can accomplish this, but if you got the RFQ, that would imply that you're qualified to do such work. If you're not, you'd be well advised to hire someone to assist.

iptables is common on Linux systems; RHEL is a commercial, PAY FOR distro...paying for it gets you access to Red Hat's support, which can also assist you with such things. There are lots of how-to guides on setting up iptables. Step one is identifying which ports/protocols you want visible.