CONFIDENTIAL

Infrastructure Security Audit Report


Prepared for: Contoso Corporation
Prepared by: Security Team
Generated: February 23, 2026 16:32
Duration: 06:30:00
Components: 69
Total Findings: 950

Executive Summary

This infrastructure security audit examined 69 components and identified 950 findings across various severity levels.


Business Impact Summary

The overall security posture is rated as CRITICAL. Immediate action is required to prevent potential system compromise.

17 system(s) are exposed to immediate compromise risk based on critical findings.

Estimated remediation timeline: 24-48 hours for critical issues, 7 days for high-priority items.

See the Recommendations section for detailed remediation guidance.

Severity | Count | Share of findings
---------|-------|------------------
Critical | 95    | 10%
High     | 215   | 22.6%
Medium   | 340   | 35.8%
Low      | 210   | 22.1%
Info     | 90    | 9.5%

Findings by Severity

Findings by Component

Audited Components

The following infrastructure components were analyzed during this audit.

Exchange Health Status

Real-time health status for Exchange Server infrastructure.

Databases: 4 / 4 healthy
Mail Flow: 85 msgs
Client Access: 4 / 4 OK
Replication: 4 / 4 passed

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

Active Directory

1 Findings

Active Directory is the core identity and access management service. This audit examines users, groups, organizational units, Group Policy Objects, replication health, trust relationships, and security configurations.

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: Critical infrastructure component that controls authentication and authorization for the entire organization.

Active Directory Certificate Services

1 Findings

AD CS provides public key infrastructure (PKI) capabilities including certificate issuance, revocation, and management. This audit examines certificate authorities, templates, and known vulnerabilities (ESC1-ESC7).

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: Compromised certificate services can lead to domain-wide privilege escalation.

Active Directory Federation Services

0 Findings

AD FS provides single sign-on capabilities for federated identity scenarios. This audit examines certificate configurations, relying party trusts, claims rules, and security settings.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: Federation services are critical for secure authentication to cloud and partner applications.

1 Findings

Critical: 0 High: 0 Medium: 1 Low: 0

Importance:

Apache HTTP Server

1 Findings

Apache HTTPD security audit covering ServerTokens, directory security, SSL configuration, mod_security, and access controls.

Critical: 0 High: 0 Medium: 1 Low: 0

Importance: Apache remains one of the most deployed web servers requiring careful security configuration.

1 Findings

Critical: 1 High: 0 Medium: 0 Low: 0

Importance:

Brocade SAN Switches

1 Findings

Brocade Fibre Channel SAN switch security audit examining fabric security mode, zoning configuration, ISL security, DCC policy, and default zone settings.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: SAN switches control access to storage infrastructure and require strict security controls.

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

1 Findings

Critical: 0 High: 1 Medium: 0 Low: 0

Importance:

Cisco IOS Switches/Routers

3 Findings

Cisco IOS device security audit covering VTY line security, AAA configuration, SNMP settings, enabled services, logging, ACLs, and configuration management.

Critical: 1 High: 2 Medium: 0 Low: 0

Importance: Cisco network devices form the backbone of many enterprise networks and must be properly secured.

Cisco MDS SAN Switches

1 Findings

Cisco MDS SAN switch security audit covering zone security, fabric binding, FC port security, management protocols, and FLOGI database analysis.

Critical: 0 High: 0 Medium: 1 Low: 0

Importance: MDS switches protect storage networks and must be secured against unauthorized access.

Cisco Nexus Switches

0 Findings

Cisco NX-OS security audit examining vPC configuration, Control Plane Policing (CoPP), RBAC roles, enabled features, password security, and logging configuration.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: Nexus switches handle datacenter traffic and require enterprise-grade security controls.

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

1 Findings

Critical: 1 High: 0 Medium: 0 Low: 0

Importance:

DHCP Server

0 Findings

DHCP provides automatic IP address assignment. This audit examines scopes, leases, reservations, failover configurations, and authorization status.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: DHCP security prevents rogue address assignment and network attacks.

DNS Server

0 Findings

DNS provides name resolution services essential for network operations. This audit examines zones, records, forwarders, dynamic update security, and DNSSEC configuration.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: DNS vulnerabilities can enable man-in-the-middle attacks and service disruption.

Docker Containers

1 Findings

Docker security audit covering daemon configuration, privileged containers, capabilities, volume mounts, image security, and socket exposure.

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: Container security is critical as misconfigured containers can compromise the host system.

Elasticsearch/OpenSearch

1 Findings

Elasticsearch security audit covering X-Pack security, authentication, TLS configuration, network binding, and cluster health.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: Search clusters often contain aggregated sensitive data from multiple sources.

Windows Event Logs

0 Findings

Event log analysis for security monitoring. This audit examines security events, logon patterns, PowerShell activity, and audit policy.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: Event logs are essential for threat detection and forensic investigation.

Microsoft Exchange Server

1 Findings

Exchange Server provides email, calendar, and collaboration services. This audit examines mailbox configurations, transport rules, DAG health, virtual directories, and security settings.

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: Email is a primary attack vector and contains sensitive organizational communications.

File Servers

2 Findings

File servers store organizational data and documents. This audit examines share permissions, SMB configurations, DFS replication, quotas, and storage utilization.

Critical: 1 High: 1 Medium: 0 Low: 0

Importance: Improper file server security can lead to data breaches and ransomware attacks.

FortiGate Firewalls

1 Findings

FortiGate firewall security audit examining firewall policies, UTM profiles (AV, IPS, Web Filter), VPN configuration, FortiGuard connectivity, and admin security.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: FortiGate firewalls protect network perimeters and internal segments from threats.

1 Findings

Critical: 0 High: 0 Medium: 0 Low: 1

Importance:

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

HAProxy Load Balancer

1 Findings

HAProxy security audit examining stats page exposure, SSL termination, ACL rules, rate limiting, and backend health check security.

Critical: 0 High: 0 Medium: 1 Low: 0

Importance: Load balancers control traffic flow and can expose backend systems if misconfigured.

HPE iLO Management

1 Findings

HPE Integrated Lights-Out (iLO) security audit via Redfish API covering user accounts, network protocols, IPMI, directory integration, and firmware status.

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: BMC/iLO interfaces provide out-of-band management and must be secured to prevent physical compromise.

HPE ProCurve/Aruba Switches

1 Findings

HPE switch security audit covering management access, SNMP configuration, AAA settings, port security, DHCP snooping, and spanning tree protection.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: HPE switches are widely deployed in enterprise networks and require proper security hardening.

Hyper-V

1 Findings

Hyper-V provides server virtualization. This audit examines virtual machines, virtual switches, storage, replication, and security configurations.

Critical: 0 High: 0 Medium: 1 Low: 0

Importance: Virtualization security is critical as VM escape can compromise the entire host.

IIS Web Servers

1 Findings

Internet Information Services provides web hosting. This audit examines websites, application pools, SSL certificates, authentication, and security configurations.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: Web servers are directly exposed to attacks and require careful security configuration.

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

Juniper JunOS Devices

1 Findings

Juniper JunOS security audit covering user authentication, SSH configuration, SNMP security, logging, NTP, management restrictions, and routing protocol security.

Critical: 0 High: 0 Medium: 1 Low: 0

Importance: Juniper devices provide critical routing and security functions in enterprise networks.

Kubernetes Cluster

1 Findings

Kubernetes security audit examining RBAC configuration, pod security, network policies, secrets management, and admission controllers.

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: Kubernetes orchestrates containerized workloads and requires comprehensive security controls.

1 Findings

Critical: 0 High: 0 Medium: 1 Low: 0

Importance:

Linux Servers

1 Findings

Linux server security audit covering SSH configuration, firewall rules, user accounts, SUID/SGID binaries, kernel parameters, and security frameworks (SELinux/AppArmor).

Critical: 0 High: 0 Medium: 1 Low: 0

Importance: Linux servers often host critical applications and databases requiring hardened configurations.

1 Findings

Critical: 0 High: 0 Medium: 1 Low: 0

Importance:

MikroTik RouterOS Devices

0 Findings

MikroTik RouterOS security audit examining IP services, MAC server, neighbor discovery, firewall rules, user accounts, and package management.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: MikroTik devices are powerful but often misconfigured, making security audits essential.

MongoDB Database

1 Findings

MongoDB security audit covering authentication, authorization, network binding, TLS configuration, and access control settings.

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: NoSQL databases like MongoDB are frequent targets due to common misconfigurations.

Microsoft SQL Server

1 Findings

SQL Server provides database services. This audit examines instances, databases, logins, security configurations, and known vulnerabilities.

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: Databases contain sensitive business data and are high-value targets.

MySQL/MariaDB Database

1 Findings

MySQL/MariaDB security audit examining anonymous accounts, root access, password policies, SSL configuration, and privilege assignments.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: MySQL powers many web applications and requires proper security hardening.

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

Nginx Web Server

1 Findings

Nginx security audit examining SSL/TLS configuration, security headers, certificate expiration, rate limiting, and access controls.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: Web servers are directly exposed to the internet and must be properly hardened.

Network Policy Server

1 Findings

NPS provides RADIUS authentication and authorization. This audit examines RADIUS clients, network policies, connection request policies, and authentication methods.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: NPS controls network access for VPN, wireless, and wired 802.1X authentication.

1 Findings

Critical: 0 High: 1 Medium: 0 Low: 0

Importance:

NVIDIA/Mellanox Switches

0 Findings

NVIDIA/Mellanox switch security audit for Onyx and Cumulus Linux platforms, covering management access, SNMP, AAA configuration, and port security.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: High-performance switches used in data centers require proper security configuration.

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

Oracle Database

1 Findings

Oracle Database security audit examining default accounts, password policies, privileges, audit configuration, TNS listener security, and encryption settings.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: Oracle databases store enterprise-critical data and are high-value targets for attackers.

Palo Alto Firewalls

2 Findings

Palo Alto firewall security audit covering security policies, threat prevention profiles, URL filtering, WildFire, SSL decryption, admin authentication, and logging.

Critical: 1 High: 1 Medium: 0 Low: 0

Importance: Next-generation firewalls are critical perimeter security controls requiring comprehensive configuration review.

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

PostgreSQL Database

1 Findings

PostgreSQL security audit covering authentication methods (pg_hba.conf), SSL configuration, user privileges, extensions, and logging settings.

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: PostgreSQL is widely used for web applications and contains sensitive application data.

Print Servers

0 Findings

Print servers manage printing infrastructure. This audit examines printers, drivers, ports, and PrintNightmare mitigations.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: Print services have been targets of critical vulnerabilities (PrintNightmare).

1 Findings

Critical: 0 High: 1 Medium: 0 Low: 0

Importance:

AD Reconnaissance

0 Findings

Deep reconnaissance of Active Directory configuration including sites, subnets, LAPS deployment, SPNs, printers, ACLs, and DC services.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: Identifies attack surface and misconfigurations commonly exploited by attackers.

Redis Cache

1 Findings

Redis security audit examining authentication, ACL configuration, protected mode, dangerous commands, TLS, and persistence security.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: In-memory data stores can expose session data and cached credentials if unsecured.

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

Security Analysis

0 Findings

Deep security analysis covering delegation attacks, Kerberos configuration, NTLM settings, GPO security, and advanced threat indicators.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: Identifies advanced security risks and attack paths in the environment.

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

Storage Arrays

1 Findings

Enterprise storage array security audit (NetApp, Dell EMC, Pure Storage, HPE) covering authentication, network protocols, encryption at rest, snapshot policies, and KMIP integration.

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: Storage systems hold critical business data and require comprehensive security hardening.

1 Findings

Critical: 0 High: 1 Medium: 0 Low: 0

Importance:

Tape Libraries

1 Findings

Tape library security audit (IBM, HPE, Quantum, Dell) examining access control, tape encryption, key management (KMIP/EKM), network protocols, and maintenance status.

Critical: 0 High: 1 Medium: 0 Low: 0

Importance: Tape libraries are critical for backup and compliance, requiring proper encryption and access controls.

Ubiquiti Network Devices

0 Findings

Ubiquiti device security audit (UniFi, EdgeSwitch, EdgeRouter) covering default credentials, firewall rules, SNMP configuration, and management access.

Critical: 0 High: 0 Medium: 0 Low: 0

Importance: Ubiquiti devices are common in SMB environments and must be properly secured.

Veeam Backup & Replication

1 Findings

Veeam provides backup and disaster recovery. This audit examines backup jobs, repositories, replication, encryption, and backup status.

Critical: 1 High: 0 Medium: 0 Low: 0

Importance: Backup infrastructure is critical for ransomware recovery and business continuity.

0 Findings

Critical: 0 High: 0 Medium: 0 Low: 0

Importance:

VMware ESXi/vSphere

2 Findings

VMware provides enterprise virtualization. This audit examines ESXi hosts, virtual machines, datastores, networking, and security configurations.

Critical: 0 High: 2 Medium: 0 Low: 0

Importance: VMware infrastructure hosts critical workloads and requires comprehensive security.

Windows OS Audit

1 Findings

Comprehensive Windows operating system security audit covering updates, services, firewall, local users, security settings, BitLocker, Defender, scheduled tasks, audit policy, and PowerShell configuration.

Critical: 0 High: 0 Medium: 1 Low: 0

Importance: Windows servers and workstations are primary targets and require comprehensive hardening.

1 Findings

Critical: 0 High: 1 Medium: 0 Low: 0

Importance:

Communication Security Analysis

Security posture assessment for encryption, authentication, certificate management, and protocol compliance across all audited components.

Overall Security Score

91 / 100

Excellent security posture. Minor improvements recommended.

Component Security Scores


Acronis

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Active Directory

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Active Directory Certificate Services

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Active Directory Federation Services

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

AIX

87
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Apache HTTP Server

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

BIND

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Brocade SAN Switches

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Chrony

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

CiscoCIMC

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Cisco IOS Switches/Routers

50
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Cisco MDS SAN Switches

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Cisco Nexus Switches

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Cohesity

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Commvault

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

DellIDRAC

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

DHCP Server

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

DNS Server

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Docker Containers

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Elasticsearch/OpenSearch

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Windows Event Logs

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Microsoft Exchange Server

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

File Servers

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

FortiGate Firewalls

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

FreeBSD

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

FreeRADIUS

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

HAProxy Load Balancer

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

HPE iLO Management

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

HPE ProCurve/Aruba Switches

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Hyper-V

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

IIS Web Servers

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

ISCDHCP

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Juniper JunOS Devices

87
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Kubernetes Cluster

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

LenovoXCC

74
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Linux Servers

87
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

macOS

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

MikroTik RouterOS Devices

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

MongoDB Database

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Microsoft SQL Server

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

MySQL/MariaDB Database

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Nakivo

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Nginx Web Server

50
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Network Policy Server

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Nutanix

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

NVIDIA/Mellanox Switches

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

OpenLDAP

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Oracle Database

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Palo Alto Firewalls

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Postfix

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

PostgreSQL Database

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Print Servers

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Proxmox

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

AD Reconnaissance

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Redis Cache

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Rsyslog

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Rubrik

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Samba

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Security Analysis

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Squid

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Storage Arrays

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

SupermicroIPMI

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Tape Libraries

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Ubiquiti Network Devices

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Veeam Backup & Replication

50
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

VeritasNetBackup

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

VMware ESXi/vSphere

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Windows OS Audit

100
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

XenServer

75
  • TLS 1.2+ Enforced
  • Valid Certificates
  • Data Encryption
  • Strong Authentication

Network Topology

Visual representation of discovered network devices and their connections based on LLDP, MAC tables, and neighbor discovery data.

[Network topology diagram not reproduced in this rendering. Legend: Switch, Router, Firewall, Server, Storage, SAN, BMC/iLO]

Connection Details

Detailed list of network connections discovered during the audit.

Source Device | Source Port | Destination Device | Destination Port | Link Type | Speed

MAC Address Table

Consolidated MAC address table from all audited network devices.

MAC Address | VLAN | Port | Device | Type

All Findings

Complete list of 950 findings sorted by severity.

# | Severity | Category | Title | Description | Remediation | Affected Items
--|----------|----------|-------|-------------|-------------|---------------
1 | Critical | AD | Kerberoastable Service Accounts | 15 service accounts have SPNs set with weak encryption, vulnerable to Kerberoasting. | Use gMSA or enforce AES256 encryption for service accounts. | svc_backup, svc_sql, svc_web, svc_exchange, svc_sharepoint
2 | Critical | Storage | Storage Array Default Admin | Storage arrays using factory default admin credentials. | Change default admin passwords. | netapp01, purestorage01
3 | Critical | DellIDRAC | Dell iDRAC Default Password | iDRAC using factory default password. | Change default iDRAC password. | srv04-idrac, srv05-idrac
4 | Critical | PostgreSQL | PostgreSQL Trust Authentication | PostgreSQL using trust authentication allowing passwordless connections. | Change pg_hba.conf to use md5 or scram-sha-256 authentication. | pg-primary, pg-replica01
5 | Critical | Veeam | Unencrypted Backup Jobs | Veeam backup jobs not using encryption for backup data. | Enable encryption on backup jobs with strong passwords. | Backup Job - Production, Backup Job - Database
6 | Critical | BIND | Open DNS Recursion | DNS server allows recursive queries from any source. | Restrict recursion to trusted networks with allow-recursion. | dns01.contoso.local, dns02.contoso.local
7 | Critical | Kubernetes | Kubernetes cluster-admin Binding | ClusterRoleBinding grants cluster-admin to service accounts. | Remove unnecessary cluster-admin bindings and use least privilege. | default:default, kube-system:default
8 | Critical | MongoDB | MongoDB Authentication Disabled | MongoDB instances running without authentication enabled. | Enable authentication with --auth flag and create admin users. | mongo01, mongo02
9 | Critical | HPEiLO | Default BMC Credentials | Server BMC/iLO using factory default credentials. | Change default passwords and integrate with directory services. | srv01-ilo, srv02-ilo, srv03-ilo
10 | Critical | MSSQL | SA Account Enabled with Weak Password | SQL Server SA account enabled with default or weak password. | Disable SA account or set complex password and use Windows auth. | SQL01, SQL02, SQL03
11 | Critical | ADCS | ESC1 Vulnerable Certificate Template | Certificate template allows enrollee to supply subject with overly permissive enrollment. | Remove 'Supply in request' option and restrict enrollment. | WebServerEnrollment, UserCertAuto
12 | Critical | Docker | Docker Socket Exposed | Docker socket exposed without TLS, allowing unauthorized container control. | Enable TLS on Docker daemon and restrict socket access. | docker-host01, docker-host02
13 | Critical | Exchange | Open SMTP Relay | Exchange accepts mail relay from unauthenticated sources. | Configure receive connectors to require authentication. | EX01.contoso.local
14 | Critical | FileServer | SMB1 Protocol Enabled | Legacy SMB1 protocol enabled on file servers, vulnerable to EternalBlue. | Disable SMB1 using Set-SmbServerConfiguration -EnableSMB1Protocol $false | FS01, FS02, FS03
15 | Critical | NetworkDevice | Default SNMP Community String | Network devices using default 'public' or 'private' SNMP communities. | Change SNMP community strings to complex values. | cisco-core01, hpe-sw01, hpe-sw02
16 | Critical | PaloAlto | Any/Any Security Policy | Firewall has overly permissive any/any security rules. | Remove or restrict any/any rules to specific sources/destinations. | pa-fw01, pa-fw02
17 | Critical | CiscoIOS | Telnet Enabled on VTY Lines | Cisco switches have Telnet enabled instead of SSH only. | Disable Telnet and enforce SSH with 'transport input ssh'. | cisco-core01, cisco-core02, cisco-access01
18 | High | OracleDB | Oracle Default Accounts | Oracle database has unlocked default accounts. | Lock all default accounts: ALTER USER xxx ACCOUNT LOCK. | orcl01, orcl02
19 | High | SupermicroIPMI | Supermicro IPMI Exposed | IPMI accessible from non-management networks. | Restrict IPMI to management VLAN. | sm-ipmi01, sm-ipmi02
20 | High | CiscoCIMC | Cisco CIMC Telnet Enabled | CIMC has Telnet service enabled. | Disable Telnet and use SSH/HTTPS only. | ucs-c01, ucs-c02
21 | High | TapeLibrary | Tape Library No Encryption | Tape library not using hardware encryption. | Enable tape encryption with key management. | tape01
22 | High | BrocadeSAN | Brocade SAN Default Zone | Brocade SAN using default zone allowing all-to-all access. | Implement proper zoning configuration. | san-sw01, san-sw02
23 | High | XenServer | XenServer No TLS | XenServer management without TLS encryption. | Enable TLS for XenCenter connections. | xen01, xen02
24 | High | Nutanix | Nutanix CVMs Exposed | Nutanix Controller VMs accessible from untrusted networks. | Restrict CVM access to management network. | ntnx-cvm01, ntnx-cvm02
25 | High | Proxmox | Proxmox Default Password | Proxmox root using default or weak password. | Change root password to complex value. | pve01, pve02
26 | High | MySQL | MySQL Root Remote Access | MySQL root user can connect from any host. | Restrict root to localhost with UPDATE mysql.user. | mysql01, mysql02
27 | High | Nginx | Nginx Default SSL | Nginx using default self-signed certificates. | Install valid CA-signed certificates. | nginx01, nginx02
28 | High | Redis | Redis No Authentication | Redis instances accessible without password. | Enable requirepass in redis.conf. | redis01, redis02
29 | High | CiscoIOS | SSH Version 1 Enabled | Network devices supporting deprecated SSH protocol version 1. | Disable SSHv1 with 'ip ssh version 2'. | cisco-access01, cisco-access02
30 | High | CiscoIOS | No AAA Authentication | Cisco switches not using AAA for authentication. | Configure AAA with TACACS+ or RADIUS. | cisco-access03, cisco-access04
31 | High | IIS | TLS 1.0/1.1 Enabled | Web servers supporting deprecated TLS versions. | Disable TLS 1.0/1.1 and enforce TLS 1.2+. | WEB01, WEB02, WEB03
32 | High | FileServer | SMB Signing Not Required | File servers not requiring SMB signing. | Enable SMB signing requirement via Group Policy. | FS01, FS02
33 | High | PaloAlto | WildFire Not Enabled | Palo Alto firewalls not using WildFire for malware analysis. | Enable WildFire on security profiles. | pa-fw01, pa-fw02
34 | High | Fortinet | FortiGuard Not Connected | FortiGate not receiving FortiGuard updates. | Verify FortiGuard connectivity and license. | fg-fw01
35 | High | Elasticsearch | Elasticsearch No Security | Elasticsearch cluster without X-Pack security enabled. | Enable X-Pack security and configure authentication. | es-node01, es-node02
36 | High | HPESwitch | HPE Switch Default SNMP | HPE switches using default SNMP communities. | Change SNMP community strings. | hpe-2930f-01, hpe-2930f-02
37 | High | VMware | VMware ESXi Outdated | ESXi hosts running outdated versions with known vulnerabilities. | Update ESXi to latest patch level. | esxi01, esxi02
38 | High | VMware | SSH Enabled on ESXi | ESXi hosts have SSH service enabled. | Disable SSH when not needed for troubleshooting. | esxi01, esxi02, esxi03
39 | High | NPS | Weak RADIUS Shared Secret | NPS RADIUS clients using weak shared secrets. | Use complex shared secrets of 22+ characters. | AP-01, AP-02, VPN-01
40 | Medium | Linux | Linux SSH Root Login | Linux servers allow direct root SSH login. | Set PermitRootLogin no in sshd_config. | linux01, linux02, linux03
41 | Medium | HyperV | Hyper-V CredSSP Migration | Hyper-V using CredSSP for live migration. | Use Kerberos constrained delegation instead. | HV01, HV02
42 | Medium | AIX | AIX Password Policy Weak | AIX systems with weak password policy settings. | Strengthen password policy in /etc/security/user. | aix01, aix02
43 | Medium | CiscoMDS | Cisco MDS Port Security Disabled | MDS SAN switches without port security enabled. | Enable FC port security. | mds01, mds02
44 | Medium | HAProxy | HAProxy Stats Exposed | HAProxy statistics page accessible without authentication. | Add authentication to stats page. | haproxy01
45 | Medium | Apache | Apache ServerTokens Full | Apache exposing full version information. | Set ServerTokens Prod in httpd.conf. | apache01, apache02
46 | Medium | LenovoXCC | Lenovo XCC Weak Cipher | XCC using weak SSL/TLS ciphers. | Configure strong cipher suites. | lenovo-xcc01
47 | Medium | JuniperJunOS | Juniper JunOS SSH Weak Key | JunOS devices using weak SSH host keys. | Regenerate SSH keys with 4096-bit RSA. | juniper-mx01
48 | Medium | Windows | Windows Updates Pending | Windows servers with pending security updates. | Apply pending Windows updates. | APP01, APP02, WEB01
49 | Medium | macOS | macOS FileVault Disabled | macOS devices without FileVault encryption. | Enable FileVault disk encryption. | mac01, mac02, mac03
50 | Low | FreeBSD | FreeBSD Sendmail Enabled | FreeBSD systems running sendmail service. | Disable sendmail if not needed. | fbsd01, fbsd02

Detailed Findings

Comprehensive details for each finding with remediation guidance.

Critical

Kerberoastable Service Accounts

Category: AD SLA: Remediate within 24-48 hours
Description

15 service accounts have SPNs set with weak encryption, vulnerable to Kerberoasting.

Remediation

Use gMSA or enforce AES256 encryption for service accounts.

Affected Items

svc_backup, svc_sql, svc_web, svc_exchange, svc_sharepoint

Critical

Storage Array Default Admin

Category: Storage SLA: Remediate within 24-48 hours
Description

Storage arrays using factory default admin credentials.

Remediation

Change default admin passwords.

Affected Items

netapp01, purestorage01

Critical

Dell iDRAC Default Password

Category: DellIDRAC SLA: Remediate within 24-48 hours
Description

iDRAC using factory default password.

Remediation

Change default iDRAC password.

Affected Items

srv04-idrac, srv05-idrac

Critical

PostgreSQL Trust Authentication

Category: PostgreSQL SLA: Remediate within 24-48 hours
Description

PostgreSQL using trust authentication allowing passwordless connections.

Remediation

Change pg_hba.conf to use md5 or scram-sha-256 authentication.

Affected Items

pg-primary, pg-replica01

Critical

Unencrypted Backup Jobs

Category: Veeam SLA: Remediate within 24-48 hours
Description

Veeam backup jobs not using encryption for backup data.

Remediation

Enable encryption on backup jobs with strong passwords.

Affected Items

Backup Job - Production, Backup Job - Database

Critical

Open DNS Recursion

Category: BIND SLA: Remediate within 24-48 hours
Description

DNS server allows recursive queries from any source.

Remediation

Restrict recursion to trusted networks with allow-recursion.

Affected Items

dns01.contoso.local, dns02.contoso.local

Critical

Kubernetes cluster-admin Binding

Category: Kubernetes SLA: Remediate within 24-48 hours
Description

ClusterRoleBinding grants cluster-admin to service accounts.

Remediation

Remove unnecessary cluster-admin bindings and use least privilege.

Affected Items

default:default, kube-system:default

Critical

MongoDB Authentication Disabled

Category: MongoDB SLA: Remediate within 24-48 hours
Description

MongoDB instances running without authentication enabled.

Remediation

Enable authentication with --auth flag and create admin users.

Affected Items

mongo01, mongo02

Critical

Default BMC Credentials

Category: HPEiLO SLA: Remediate within 24-48 hours
Description

Server BMC/iLO using factory default credentials.

Remediation

Change default passwords and integrate with directory services.

Affected Items

srv01-ilo, srv02-ilo, srv03-ilo

Critical

SA Account Enabled with Weak Password

Category: MSSQL SLA: Remediate within 24-48 hours
Description

SQL Server SA account enabled with default or weak password.

Remediation

Disable SA account or set complex password and use Windows auth.

Affected Items

SQL01, SQL02, SQL03

Critical

ESC1 Vulnerable Certificate Template

Category: ADCS SLA: Remediate within 24-48 hours
Description

Certificate template allows the enrollee to supply the subject name and has overly permissive enrollment permissions.

Remediation

Remove 'Supply in request' option and restrict enrollment.

Affected Items

WebServerEnrollment, UserCertAuto

Critical

Docker Socket Exposed

Category: Docker SLA: Remediate within 24-48 hours
Description

Docker socket exposed without TLS, allowing unauthorized container control.

Remediation

Enable TLS on Docker daemon and restrict socket access.

Affected Items

docker-host01, docker-host02

Critical

Open SMTP Relay

Category: Exchange SLA: Remediate within 24-48 hours
Description

Exchange accepts mail relay from unauthenticated sources.

Remediation

Configure receive connectors to require authentication.

Affected Items

EX01.contoso.local

Critical

SMB1 Protocol Enabled

Category: FileServer SLA: Remediate within 24-48 hours
Description

Legacy SMB1 protocol enabled on file servers, vulnerable to EternalBlue.

Remediation

Disable SMB1 using Set-SmbServerConfiguration -EnableSMB1Protocol $false

Affected Items

FS01, FS02, FS03

Critical

Default SNMP Community String

Category: NetworkDevice SLA: Remediate within 24-48 hours
Description

Network devices using default 'public' or 'private' SNMP communities.

Remediation

Change SNMP community strings to complex values.

Affected Items

cisco-core01, hpe-sw01, hpe-sw02

Critical

Any/Any Security Policy

Category: PaloAlto SLA: Remediate within 24-48 hours
Description

Firewall has overly permissive any/any security rules.

Remediation

Remove or restrict any/any rules to specific sources/destinations.

Affected Items

pa-fw01, pa-fw02

Critical

Telnet Enabled on VTY Lines

Category: CiscoIOS SLA: Remediate within 24-48 hours
Description

Cisco switches have Telnet enabled instead of SSH only.

Remediation

Disable Telnet and enforce SSH with 'transport input ssh'.

Affected Items

cisco-core01, cisco-core02, cisco-access01

High

Oracle Default Accounts

Category: OracleDB SLA: Remediate within 1 week
Description

Oracle database has unlocked default accounts.

Remediation

Lock all default accounts: ALTER USER xxx ACCOUNT LOCK.

Affected Items

orcl01, orcl02

High

Supermicro IPMI Exposed

Category: SupermicroIPMI SLA: Remediate within 1 week
Description

IPMI accessible from non-management networks.

Remediation

Restrict IPMI to management VLAN.

Affected Items

sm-ipmi01, sm-ipmi02

High

Cisco CIMC Telnet Enabled

Category: CiscoCIMC SLA: Remediate within 1 week
Description

CIMC has Telnet service enabled.

Remediation

Disable Telnet and use SSH/HTTPS only.

Affected Items

ucs-c01, ucs-c02

High

Tape Library No Encryption

Category: TapeLibrary SLA: Remediate within 1 week
Description

Tape library not using hardware encryption.

Remediation

Enable tape encryption with key management.

Affected Items

tape01

High

Brocade SAN Default Zone

Category: BrocadeSAN SLA: Remediate within 1 week
Description

Brocade SAN using default zone allowing all-to-all access.

Remediation

Implement proper zoning configuration.

Affected Items

san-sw01, san-sw02

High

XenServer No TLS

Category: XenServer SLA: Remediate within 1 week
Description

XenServer management without TLS encryption.

Remediation

Enable TLS for XenCenter connections.

Affected Items

xen01, xen02

High

Nutanix CVMs Exposed

Category: Nutanix SLA: Remediate within 1 week
Description

Nutanix Controller VMs accessible from untrusted networks.

Remediation

Restrict CVM access to management network.

Affected Items

ntnx-cvm01, ntnx-cvm02

High

Proxmox Default Password

Category: Proxmox SLA: Remediate within 1 week
Description

Proxmox root using default or weak password.

Remediation

Change root password to complex value.

Affected Items

pve01, pve02

High

MySQL Root Remote Access

Category: MySQL SLA: Remediate within 1 week
Description

MySQL root user can connect from any host.

Remediation

Restrict root to localhost with UPDATE mysql.user.

Affected Items

mysql01, mysql02

High

Nginx Default SSL

Category: Nginx SLA: Remediate within 1 week
Description

Nginx using default self-signed certificates.

Remediation

Install valid CA-signed certificates.

Affected Items

nginx01, nginx02

High

Redis No Authentication

Category: Redis SLA: Remediate within 1 week
Description

Redis instances accessible without password.

Remediation

Enable requirepass in redis.conf.

Affected Items

redis01, redis02

High

SSH Version 1 Enabled

Category: CiscoIOS SLA: Remediate within 1 week
Description

Network devices supporting deprecated SSH protocol version 1.

Remediation

Disable SSHv1 with 'ip ssh version 2'.

Affected Items

cisco-access01, cisco-access02

High

No AAA Authentication

Category: CiscoIOS SLA: Remediate within 1 week
Description

Cisco switches not using AAA for authentication.

Remediation

Configure AAA with TACACS+ or RADIUS.

Affected Items

cisco-access03, cisco-access04

High

TLS 1.0/1.1 Enabled

Category: IIS SLA: Remediate within 1 week
Description

Web servers supporting deprecated TLS versions.

Remediation

Disable TLS 1.0/1.1 and enforce TLS 1.2+.

Affected Items

WEB01, WEB02, WEB03

High

SMB Signing Not Required

Category: FileServer SLA: Remediate within 1 week
Description

File servers not requiring SMB signing.

Remediation

Enable SMB signing requirement via Group Policy.

Affected Items

FS01, FS02

High

WildFire Not Enabled

Category: PaloAlto SLA: Remediate within 1 week
Description

Palo Alto firewalls not using WildFire for malware analysis.

Remediation

Enable WildFire on security profiles.

Affected Items

pa-fw01, pa-fw02

High

FortiGuard Not Connected

Category: Fortinet SLA: Remediate within 1 week
Description

FortiGate not receiving FortiGuard updates.

Remediation

Verify FortiGuard connectivity and license.

Affected Items

fg-fw01

High

Elasticsearch No Security

Category: Elasticsearch SLA: Remediate within 1 week
Description

Elasticsearch cluster without X-Pack security enabled.

Remediation

Enable X-Pack security and configure authentication.

Affected Items

es-node01, es-node02

High

HPE Switch Default SNMP

Category: HPESwitch SLA: Remediate within 1 week
Description

HPE switches using default SNMP communities.

Remediation

Change SNMP community strings.

Affected Items

hpe-2930f-01, hpe-2930f-02

High

VMware ESXi Outdated

Category: VMware SLA: Remediate within 1 week
Description

ESXi hosts running outdated versions with known vulnerabilities.

Remediation

Update ESXi to latest patch level.

Affected Items

esxi01, esxi02

High

SSH Enabled on ESXi

Category: VMware SLA: Remediate within 1 week
Description

ESXi hosts have SSH service enabled.

Remediation

Disable SSH when not needed for troubleshooting.

Affected Items

esxi01, esxi02, esxi03

High

Weak RADIUS Shared Secret

Category: NPS SLA: Remediate within 1 week
Description

NPS RADIUS clients using weak shared secrets.

Remediation

Use complex shared secrets of 22+ characters.

Affected Items

AP-01, AP-02, VPN-01

Medium

Linux SSH Root Login

Category: Linux SLA: Remediate within 1 month
Description

Linux servers allow direct root SSH login.

Remediation

Set PermitRootLogin no in sshd_config.

Affected Items

linux01, linux02, linux03

Medium

Hyper-V CredSSP Migration

Category: HyperV SLA: Remediate within 1 month
Description

Hyper-V using CredSSP for live migration.

Remediation

Use Kerberos constrained delegation instead.

Affected Items

HV01, HV02

Medium

AIX Password Policy Weak

Category: AIX SLA: Remediate within 1 month
Description

AIX systems with weak password policy settings.

Remediation

Strengthen password policy in /etc/security/user.

Affected Items

aix01, aix02

Medium

Cisco MDS Port Security Disabled

Category: CiscoMDS SLA: Remediate within 1 month
Description

MDS SAN switches without port security enabled.

Remediation

Enable FC port security.

Affected Items

mds01, mds02

Medium

HAProxy Stats Exposed

Category: HAProxy SLA: Remediate within 1 month
Description

HAProxy statistics page accessible without authentication.

Remediation

Add authentication to stats page.

Affected Items

haproxy01

Medium

Apache ServerTokens Full

Category: Apache SLA: Remediate within 1 month
Description

Apache exposing full version information.

Remediation

Set ServerTokens Prod in httpd.conf.

Affected Items

apache01, apache02

Medium

Lenovo XCC Weak Cipher

Category: LenovoXCC SLA: Remediate within 1 month
Description

XCC using weak SSL/TLS ciphers.

Remediation

Configure strong cipher suites.

Affected Items

lenovo-xcc01

Medium

Juniper JunOS SSH Weak Key

Category: JuniperJunOS SLA: Remediate within 1 month
Description

JunOS devices using weak SSH host keys.

Remediation

Regenerate SSH keys with 4096-bit RSA.

Affected Items

juniper-mx01

Medium

Windows Updates Pending

Category: Windows SLA: Remediate within 1 month
Description

Windows servers with pending security updates.

Remediation

Apply pending Windows updates.

Affected Items

APP01, APP02, WEB01

Medium

macOS FileVault Disabled

Category: macOS SLA: Remediate within 1 month
Description

macOS devices without FileVault encryption.

Remediation

Enable FileVault disk encryption.

Affected Items

mac01, mac02, mac03

Low

FreeBSD Sendmail Enabled

Category: FreeBSD SLA: Remediate within 3 months
Description

FreeBSD systems running sendmail service.

Remediation

Disable sendmail if not needed.

Affected Items

fbsd01, fbsd02

Configuration Audit

Detailed configuration data collected from each audited component. This information is useful for compliance documentation, baseline comparisons, and configuration drift detection.

Active Directory Configuration

DC01.contoso.local

Domain Settings
Setting | Value | Source
Domain Functional Level | Windows Server 2016 | Get-ADDomain
Forest Functional Level | Windows Server 2016 | Get-ADForest
Machine Account Quota [Security] | 10 | AD Attributes
KRBTGT Password Age [Security] | 185 days | AD Attributes

Password Policy
Setting | Value | Source
Minimum Password Length | 12 | Default Domain Policy
Password Complexity | Enabled | Default Domain Policy
Password History | 24 | Default Domain Policy
Maximum Password Age | 90 days | Default Domain Policy
Account Lockout Threshold | 5 | Default Domain Policy

Security Settings
Setting | Value | Source
LDAP Signing [Security] | Require | Group Policy
LDAP Channel Binding [Security] | Always | Group Policy
Kerberos Armoring | Supported | KDC Configuration

Cisco IOS Switches/Routers Configuration

cisco-core01

Global Settings
Setting | Value | Source
SSH Version | 2 | show running-config
Enable Secret [Security] | Configured (Type 9) | show running-config
Service Password Encryption | Enabled | show running-config
Logging Buffered | 16384 informational | show running-config

SNMP Configuration
Setting | Value | Source
SNMP Community [Security] | public (READ) | show running-config
SNMP Trap Host | 10.1.1.100 | show running-config
SNMP Version | v2c | show running-config

VTY Configuration
Setting | Value | Source
Transport Input | ssh | line vty 0 15
Exec Timeout | 5 0 | line vty 0 15
Login Authentication | AAA | line vty 0 15

Microsoft Exchange Server Configuration

EX01.contoso.local

Client Access
Setting | Value | Source
OWA External URL | https://mail.contoso.com/owa | OWA Virtual Directory
OWA SSL Required | True | OWA Virtual Directory
ActiveSync SSL Required | True | ActiveSync Virtual Directory
Autodiscover SSL Required | True | Autodiscover Virtual Directory

Mailbox Settings
Setting | Value | Source
Default Database Quota | 5GB | Mailbox Database
Deleted Item Retention | 14 days | Mailbox Database
Circular Logging | Disabled | Mailbox Database

Transport Configuration
Setting | Value | Source
Internal Send Connector TLS | Required | Send Connector
External Receive Connector Auth | TLS Required | Receive Connector
TLS Certificate Subject | mail.contoso.com | Transport Certificate

IIS Web Servers Configuration

WEB01.contoso.local

Security
Setting | Value | Source
Request Filtering | Enabled | web.config
Custom Errors | On | web.config
Directory Browsing [Security] | Disabled | web.config

Server Settings
Setting | Value | Source
IIS Version | 10.0 | applicationHost.config
Application Pool Identity | ApplicationPoolIdentity | App Pool Settings
.NET Runtime | v4.0 | App Pool Settings

SSL/TLS
Setting | Value | Source
SSL Certificate | *.contoso.com (Valid until 2027-06-15) | Binding
TLS 1.0 | Disabled | Registry
TLS 1.1 | Disabled | Registry
TLS 1.2 | Enabled | Registry
TLS 1.3 | Enabled | Registry

Microsoft SQL Server Configuration

SQL01\MSSQLSERVER

Encryption
Setting | Value | Source
Force Encryption | True | Network Configuration
TDE Enabled [Security] | False | Database Properties

Instance Settings
Setting | Value | Source
Authentication Mode | Windows and SQL Server | Server Properties
Audit Level | Failed Logins Only | Server Properties
Cross DB Ownership | Disabled | Server Properties

Security Configuration
Setting | Value | Source
SA Account [Security] | Enabled | Server Logins
xp_cmdshell [Security] | Disabled | sp_configure
CLR Enabled | Disabled | sp_configure
Remote Access | Disabled | sp_configure

Palo Alto Firewalls Configuration

pa-fw01

Logging
Setting | Value | Source
Syslog Server | 10.1.1.100 | Log Forwarding
Traffic Log Severity | Informational | Log Settings

Management Access
Setting | Value | Source
HTTPS Management | Enabled | Device > Setup
SSH Management | Enabled | Device > Setup
Telnet Management | Disabled | Device > Setup

System Settings
Setting | Value | Source
PAN-OS Version | 11.1.2 | System Info
Threat Version | 8823-8438 | Content Versions
WildFire Version [Security] | 0 | Content Versions

Veeam Backup & Replication Configuration

veeam01.contoso.local

Backup Settings
Setting | Value | Source
Job Encryption | AES-256 | Backup Job Properties
Backup Copy Enabled | Yes | Backup Copy Job
Immutability Period | 7 days | Repository Settings

Repository Configuration
Setting | Value | Source
Primary Repository Type | Linux Hardened | Repository
Repository Encryption | Enabled | Repository
Max Concurrent Tasks | 4 | Repository

VMware ESXi/vSphere Configuration

esxi01.contoso.local

Host Security
Setting | Value | Source
Lockdown Mode [Security] | Normal | Host Configuration
SSH Service [Security] | Running | Host Services
Shell Service | Stopped | Host Services
DCUI Service | Running | Host Services

Network Security
Setting | Value | Source
Promiscuous Mode | Reject | vSwitch Security
MAC Address Changes | Reject | vSwitch Security
Forged Transmits | Reject | vSwitch Security

vcenter.contoso.local

vCenter Settings
Setting | Value | Source
SSO Domain | vsphere.local | vCenter Configuration
vCenter Version | 8.0 Update 2 | vCenter About
Distributed Switch Version | 8.0.0 | DVS Configuration

Recommendations

Immediate Actions (Critical)

Address these within 24-48 hours:

  • Kerberoastable Service Accounts: Use gMSA or enforce AES256 encryption for service accounts.
  • ESC1 Vulnerable Certificate Template: Remove 'Supply in request' option and restrict enrollment.
  • SMB1 Protocol Enabled: Disable SMB1 using Set-SmbServerConfiguration -EnableSMB1Protocol $false
  • Open SMTP Relay: Configure receive connectors to require authentication.
  • Telnet Enabled on VTY Lines: Disable Telnet and enforce SSH with 'transport input ssh'.
  • Default SNMP Community String: Change SNMP community strings to complex values.
  • Any/Any Security Policy: Remove or restrict any/any rules to specific sources/destinations.
  • SA Account Enabled with Weak Password: Disable SA account or set complex password and use Windows auth.
  • Docker Socket Exposed: Enable TLS on Docker daemon and restrict socket access.
  • MongoDB Authentication Disabled: Enable authentication with --auth flag and create admin users.
  • Kubernetes cluster-admin Binding: Remove unnecessary cluster-admin bindings and use least privilege.
  • Open DNS Recursion: Restrict recursion to trusted networks with allow-recursion.
  • Default BMC Credentials: Change default passwords and integrate with directory services.
  • Unencrypted Backup Jobs: Enable encryption on backup jobs with strong passwords.
  • PostgreSQL Trust Authentication: Change pg_hba.conf to use md5 or scram-sha-256 authentication.
  • Storage Array Default Admin: Change default admin passwords.
  • Dell iDRAC Default Password: Change default iDRAC password.

Short-Term Actions (High)

Address these within 1 week:

  • SSH Version 1 Enabled: Disable SSHv1 with 'ip ssh version 2'.
  • No AAA Authentication: Configure AAA with TACACS+ or RADIUS.
  • TLS 1.0/1.1 Enabled: Disable TLS 1.0/1.1 and enforce TLS 1.2+.
  • SMB Signing Not Required: Enable SMB signing requirement via Group Policy.
  • WildFire Not Enabled: Enable WildFire on security profiles.
  • FortiGuard Not Connected: Verify FortiGuard connectivity and license.
  • VMware ESXi Outdated: Update ESXi to latest patch level.
  • SSH Enabled on ESXi: Disable SSH when not needed for troubleshooting.
  • Weak RADIUS Shared Secret: Use complex shared secrets of 22+ characters.
  • Nginx Default SSL: Install valid CA-signed certificates.
  • Redis No Authentication: Enable requirepass in redis.conf.
  • Elasticsearch No Security: Enable X-Pack security and configure authentication.
  • MySQL Root Remote Access: Restrict root to localhost with UPDATE mysql.user.
  • Oracle Default Accounts: Lock all default accounts: ALTER USER xxx ACCOUNT LOCK.
  • Proxmox Default Password: Change root password to complex value.
  • Nutanix CVMs Exposed: Restrict CVM access to management network.
  • XenServer No TLS: Enable TLS for XenCenter connections.
  • Brocade SAN Default Zone: Implement proper zoning configuration.
  • Tape Library No Encryption: Enable tape encryption with key management.
  • Cisco CIMC Telnet Enabled: Disable Telnet and use SSH/HTTPS only.
  • Supermicro IPMI Exposed: Restrict IPMI to management VLAN.
  • HPE Switch Default SNMP: Change SNMP community strings.

Medium-Term Actions

Address medium and low severity findings within 1-3 months as part of regular security hardening.

General Recommendations

  • Implement continuous monitoring for critical security events
  • Conduct regular security assessments (quarterly recommended)
  • Keep all systems patched and updated
  • Review and update security policies annually
  • Provide ongoing security awareness training