Security & Linux Hardening
IoT device security is a key specification for all industry 4.0 deployments. Therefore qbee offers a lot of security and Linux hardening features. This starts with configuration management to distribute ssh keys securely as well as managing user and password security or firewall settings. Yet the most important security measure is to keep libraries updated and patch them as quickly if possible if vulnerabilities have been detected. This detection is greatly simplified by our continuous CVE vulnerability scan of all Linux packages.
Security & Linux Hardening Features
Users & passwords
Define which users are allowed on the system. qbee will constantly remove all others. Check password age and hash.
Improve your Linux security hardening by frequent OTA updates. Define latest or specific library version.
CVE vulnerability scan
qbee continuously scans your devices for new libraries and syncs with the NIST CVE database to detect vulnerabilities.
UI based firewall configuration for system, groups or single devices. The basis of Linux hardening. Detect ports.
Rotate ssh keys
Distribute or rotate ssh keys. Secure ssh access and control who has ssh keys on the edge devices.
Use our advanced file distribution and scripting to distribute certificates. This can also be done through our REST API.
Secure remote access
Use the integrated secure remote access even though all external ports are closed. This can be switched off.
2 factor authentication
Use 2 factor authentication with mail or Google authenticator to make your login more secure.
State based configuration
State based configuration defines state not actions. Enable spare devices to immediately receive correct configuration.
qbee helps you to secure your large scale IoT deployments. Our focus is on providing tools to increase edge device security by hardening Linux. In addition, the cloud platform gathers valuable insights into the fleet which improve security. Last but not least, the SaaS solution itself is build with maximum security in mind freeing you from operating such a service.
IoT device security is a topic that mandates a lot of experience both with regards to securing the edge hardware but also the infrastructure to operate those. qbee will help you with pre-defined automations in a simple UI to manage passwords and ssh keys and much more.
When the Linux security hardening part is concluded you can use the secure VPN to have remote access or you can disbale this if your customers do not want a VPN functionality.
The integrated CVE vulnerability scan will inform you about problems with your libraries. Our extensive software inventory allows to quickly see which package version is deployed and what edge devices need additional Linux security hardening. This can be easily achieved by the OTA update for software packages. Update large fleets of devices in near real time or define an appropriate update window.