Author Topic: Added Security Modules  (Read 4491 times)

royceb

  • Guest
Added Security Modules
« on: January 14, 2020, 04:57:26 am »
Long time Zen user here curious if the feedback section was still looked at from time to time. I am curious if there were some easy steps that could be taken to start hardening/securing some of Zentyal's features.  How hard would it be to implement items like

1.Semi-granular Fail2ban for services like OpenVPN/SSH/Web(Web-Admin)/Email
2.Two factor authentication for services like OpenVPN/SSH/Web(Web-Admin)/Email - Tie this into Zen SAMBA4/AD authentication and you have a winner
3.More granular control of OpenVPN cert/cryptography settings exposed in the Web-Admin

As a service I find Zentyal extremely robust and consistent in it's feature sets but increasingly I've been utilizing other solutions that aren't as capable as Zentyal but do offer some of these basic security features.


doncamilo

  • Zen Samurai
  • ****
  • Posts: 478
  • Karma: +165/-1
    • View Profile
Re: Added Security Modules
« Reply #1 on: February 20, 2020, 04:53:28 pm »
 :)

The first point could be implemented on the basis of the existent IDS/IPS module (however it's a really heavy service)
In relation to the third one, I think that it could be easily implemented.
The two factors authentication could be easy through some third party PAM module.
It seems to be interesting.

Cheers!
- Do my pigeons bother you passing over your land?
- They block the sun!

G. Guareschi., Don Camillo.,

royceb

  • Guest
Re: Added Security Modules
« Reply #2 on: February 23, 2020, 04:39:27 pm »
As an aside, if I could get some/any of these features to be included in the community version going forward and available in the GUI I would not mind throwing a few thousand dollars at development to sponsor this.