[Security] [Harden] Managed/Auto Server Hardening (JumpBox/PAW)
It would be nice to have a module for auto-hardening the servers for management by Honolulu ('jump-box' scenarios).
This would entail locking down settings on the remote/managed servers like inbound Firewall rules, WinRM endpoints, protocols/algorithms, credential delegation, PS Transcripting, etc.
The goal would be to harden the management channels used by Honolulu and ensure that they can only be accessed from authorised Honolulu gateways.
Having a way to automated this graphically at scale would remove one of the major hindrances to finally killing the server UI and using Server Core everywhere.
Like the open scap tool
Honolulu should have the hability to check security policies and standars agasinst the VM and host configuration and assist the user to harden the servers aplying the defined templates on the server.
This is something basic in case someone cares about security