Zentyal Forum, Linux Small Business Server

Zentyal Server => Contributions / Tips&Tricks / Features Requests => Topic started by: royceb on January 14, 2020, 04:57:26 am

Title: Added Security Modules
Post by: royceb on January 14, 2020, 04:57:26 am
Long time Zen user here curious if the feedback section was still looked at from time to time. I am curious if there were some easy steps that could be taken to start hardening/securing some of Zentyal's features.  How hard would it be to implement items like

1.Semi-granular Fail2ban for services like OpenVPN/SSH/Web(Web-Admin)/Email
2.Two factor authentication for services like OpenVPN/SSH/Web(Web-Admin)/Email - Tie this into Zen SAMBA4/AD authentication and you have a winner
3.More granular control of OpenVPN cert/cryptography settings exposed in the Web-Admin

As a service I find Zentyal extremely robust and consistent in it's feature sets but increasingly I've been utilizing other solutions that aren't as capable as Zentyal but do offer some of these basic security features.

Title: Re: Added Security Modules
Post by: doncamilo on February 20, 2020, 04:53:28 pm
 :)

The first point could be implemented on the basis of the existent IDS/IPS module (however it's a really heavy service)
In relation to the third one, I think that it could be easily implemented.
The two factors authentication could be easy through some third party PAM module.
It seems to be interesting.

Cheers!
Title: Re: Added Security Modules
Post by: royceb on February 23, 2020, 04:39:27 pm
As an aside, if I could get some/any of these features to be included in the community version going forward and available in the GUI I would not mind throwing a few thousand dollars at development to sponsor this.