Physical access and security
Bravura Security Fabric servers should be physically protected, since logical security measures can often be bypassed by an intruder with physical access to the console:
Restrict physical access
Put Bravura Security Fabric server(s) in a locked and secured room. Restrict access to authorized personnel only. Product administrators should install and configure the server(s) and then only access it remotely via HTTPS to its web portal or RDP to the OS.
Connect a UPS
Ensure that server power is protected, that graceful shutdowns occur when power is interrupted and that there is surge protection at least on incoming power connections.
Prevent boot from removable media
Configure the server to boot from an internal drive and not from removable media.
Where the Bravura Security Fabric server is virtualized, apply the above controls to the hypervisor.