CHS provides continuous hardening, monitoring and prevention. The monitoring mode prevents user errors and combats malicious activities. It provides access control rules that permit only authorized users to change the hardened baseline. CHS prevents policy object changes and issues configurable warnings and alerts, in real-time.
The CHS monitoring mode capability:
- Hardens security policies for the OS and applications.
- Uses organizational policies for the hardening of dynamic processes.
- Performs verification and reports on any changes and errors that occur during the hardening process.
- Cross-platform change management: One-click rollback to the previous policies. The rollback action can be reviewed in the system-generated reports as well.
- Easy policy modification from one centralized dashboard.
- Provides real-time prevention of unauthorized changes to the hardened servers.
- Issues real-time policy violation alerts.
- Generates policy violation reports.
- Controls access to data and system objects – including files, directories and shares.