Security Hardening

This option enables you to view and configure, from a single location, various security-related settings that enhance product security. A Product Security Hardening score, based on the configuration of each security parameter, is shown on the right side of the Security Hardening tab. This helps you understand how secure your ManageEngine RecoveryManager Plus instance is.

The following configurations improve the security of RecoveryManager Plus.

1. Enforce HTTPS: This setting helps establish a secure connection between the web browsers and the RecoveryManager Plus web server.
2. Change Default Admin Password: Use this setting to change the default admin's password.
3. Enforce Two-factor Authentication: Use this setting to add an additional layer of security while logging in to RecoveryManager Plus. For more information on 2FA services available in RecoveryManager Plus, refer to this help document.
4. Enable CAPTCHA: Configure CAPTCHA settings to apply after a specific number of invalid login attempts to help mitigate bot-based attacks.
5. Block Invalid Login Attempts: This setting allows you to block a particular technician after a specific number of failed login attempts by the user.
6. Enforce LDAP SSL: Set up an LDAP over SSL (LDAPS) connection to secure the information exchange between RecoveryManager Plus and the LDAP servers.
7. Receive Alerts On Security Updates: Configuring this setting allows you to receive email notifications regarding released security patches. This ensures that you are well-informed about any security updates for the product, enabling you to update it as soon as possible.

Steps to configure security hardening settings in RecoveryManager Plus:

1. Login to RecoveryManager Plus console and navigate to the Admin tab.
2. In the left pane, under General Settings, click Product Settings.
3. Navigate to Security Hardening, and configure the respective security settings using the buttons available next to them.
4. Enable the Don't show alerts even if the recommended settings are not configured option to hide alerts on security hardening, regardless of the state of the recommended settings.