Linux Desktop Support 2.0

Plans for next generation linux desktop support.

Security Services/Features needed (based on SLAC MinSec):

1. Anti-virus Software
   1. Install and configure ClamAV (optional, since not in moderate enclave)
2. Application Patches
   1. Configure automatic updates for Applications via apt/yum config
3. Authentication
   1. Requirements met for global accounts via Active Directory rules
   2. Use Chef Compliance to scan for and enabled insecure protocols
4. Logging
   1. Configure syslog to log to central syslog server, and enable logging locally to /var/log/everything
5. Network Services
   1. Check for inappropriate network services via Chef Compliance
6. Operating System Patches
   1. Configure automatic updates for OS patches via apt/yum 
7. Passwords

Reference Documents:

• Published SLAC Policies and Governance SLAC Controlled Documents page:
  https://docs.slac.stanford.edu/sites/pub/Pages/SLAC_Policies.aspx
  
  

• Minimum Security Requirements for Computing
  https://docs.slac.stanford.edu/sites/pub/Publications/701-I02-001-00_Min_Sec_Req_for_Comp.pdf
  
  

• Configuration Management Procedures in the SCS twiki:
  https://novel.slac.stanford.edu/twiki/bin/view/SCCS/ConfigurationManagement