EMS maintenance
The following lists best practices for EMS maintenance:
- Ensure to regularly upgrade FortiClient EMS whenever a new version is upgrade. For details on each release, check the FortiClient EMS Release Notes.
- Back up the EMS database weekly by going to Administration > Back up Database.
- Review alerts regularly.
- For details on migrating EMS to a new server, see Use Case: Migrating EMS to a New Server.
To ensure server security, follow these best practices for server hardening:
- User account best practices:
- Configure user accounts with strong, complex passwords. Change passwords regularly. Do not reuse passwords.
- Lock accounts after a number of login failures. Login failures may be illegitimate attempts to gain access to your system.
- Do not permit users to configure accounts with empty passwords.
- Limit user accounts to access only what they need. Increased access should only be granted on an as-needed basis.
- Firewall best practices:
- Configure the system firewall. Proper setup of a firewall can prevent many attacks.
- Consider using a hardware firewall.
- Avoid using insecure protocols that send your information or passwords in plain text format.
- Minimize unnecessary software on your servers.
- Keep your operating system up-to-date. Ensure to install any security patches.
- Minimize open network ports to only what is needed for your specific circumstance.
- Maintain proper database backups.
- Ensure physical server security.