0 Replies Latest reply on Mar 26, 2017 9:23 PM by andrewc91

    SolidCore on Linxu platform


      A question on SolidCore onto Linux deployment. I have been reading up on deployment of SolidCore in the best practice guide and see the recommendation is to deploy in Observe mode and slowly migrate to an enforced state.

      I understand that Observe mode is not allowed in Linux so my question is around the correct technique for moving Linux to an enforced state. Would the correct process be to

      1. 1. Identify all processes, objects that need to run on OS
      2. 2. Add these to a whitelist policy
      3. 3. Apply to Linux OS and move to enable state
      4. 4. Monitor any object/processes that are being blocked


      If you wouldn’t mind directing me in the right direction as to where I could find this information. I am not having luck looking specifically for Linux OS practice guides and cautious not wanting to enable in full enforced state prior to gathering the right whitelist requiremtns