Question & Answer
Can you disable built-in users or otherwise harden the QRadar appliance?
Some users may want to disable built-in users or harden the system due to compliance and security policy concerns.
Disabling the root user for CLI access, disabling or deleting the admin account, modifying other backend accounts, changing of file owners or permission, and other such changes in the name of hardening the appliance are not supported. Making such changes to the appliance will likely result in the appliance not functioning properly and can require a factory reset in order to recover the system.
IBM regularly scans the system with several vendors on a very regular basis to ensure security compliance. If additional steps are required, the FIPS offering may also be considered.
Where do you find more information?
Was this topic helpful?
16 June 2018