You can use the ClearPath Forward Hardening Tools to save a copy of your current operating system security settings. This may be useful as a baseline for rollback purposes if needed.
Windows Operating Systems
By default, the ClearPath Forward Hardening Tool for Windows always creates a rollback file containing the current settings of the operating system before applying any security setting changes. When the hardening tool is first run, the existing security settings are saved as level 0 of hardening and a baseline for rolling back.
To save a copy of the initial state of the security settings of the operating system, do the following to create the level 0 configuration file based on your existing settings:
If necessary, download and install the ClearPath Forward Hardening Tool for Windows on your target operating system.
Note: The latest version of the hardening tools are available from the Unisys Product Support website: Locate the ClearPath Forward Product Support page, and then browse to the Software tab on the Drivers and Downloads page.
Set your Windows PowerShell execution policy to RemoteSigned.
Run the tool (a Windows PowerShell script named Apply-Hardening.ps1) to apply any level of hardening other than level 0. For example,
C:\ProgramData\Unisys\Hardening\Apply-Hardening.ps1 -level 1
Note: Be sure to not include the –norollback option.
If desired, apply the level 0 of hardening to rollback any changes. For example,
C:\ProgramData\Unisys\Hardening\Apply-Hardening.ps1 –level 0
For detailed help and more information on the syntax, enter the following command at a Windows PowerShell prompt:
get-help C:\ProgramData\Unisys\Hardening\Apply-Hardening.ps1 -detailed
For more information on using the tool, see Using the ClearPath Forward Hardening Tool for Windows.
Linux Operating Systems
To save a copy of the current state of the security settings of the operating system, do the following to create a configuration file based on your existing settings:
If necessary, download and install the ClearPath Forward Hardening Tool for Linux on your target operating system.
Note: The latest version of the hardening tools are available from the Unisys Product Support website: Locate the ClearPath Forward Product Support page, and then browse to the Software tab on the Drivers and Downloads page.
Run the tool (available at /usr/bin/harden) with the –o parameter. For example,
harden -o /tmp/my_initial_settings.cfg
For more information on using the tool, see Using the ClearPath Forward Hardening Tool for Linux.