Infrastructure
Infrastructure provides fleet-wide server inventory, efficiency and rightsizing analysis, and baseline configuration management.
Servers
Servers is the fleet view — a table of all monitored servers showing security scores, agent status, environment assignment, and assigned tags. Use this view to identify servers with degraded security posture, offline agents, or missing environment and tag assignments.
Selecting a server opens the server detail page, which organizes server-specific data into tabs:
Overview
Security score summary, agent version, enrollment details
Accounts
User accounts present on this server
Groups
Group memberships on this server
Sudo
Sudo rules configured on this server
SSHD Config
SSH daemon configuration
SSH Keys
Authorized keys entries on this server
SSH Client
SSH client configuration (~/.ssh/config, known_hosts)
Efficiency
Per-server resource utilization and rightsizing data
Drift
Config Drift events for this server
Auth
Authentication events and session history for this server
File Monitoring
File system events for this server
The server detail tabs provide a per-server hierarchy distinct from the top-level pillar navigation.
Efficiency
Efficiency provides CPU, memory, and storage rightsizing recommendations across the fleet. An over-provisioning summary at the top of the page shows estimated monthly cost impact broken down by CPU, memory, and storage waste.
Storage Recommendations identifies mount points with low utilization or stale data. Each entry includes a growth forecast using linear regression analysis and projected time to capacity, helping you decide whether to reclaim, expand, or monitor a volume.
CPU/MEM Rightsizing shows per-server resource utilization trend charts with a recommendation classification for each server: downsize, maintain, or upsize. Servers that are consistently under-utilized appear as downsize candidates; servers approaching capacity limits appear as upsize candidates.
JVM application optimization surfaces Java processes with heap sizing or garbage collection configuration issues that are contributing to memory waste or instability.
Baselines
Baselines lets you define expected configurations for accounts, groups, and sudo policies across your fleet. LinuxGuard compares the actual state of each server against the defined baselines and records any deviations.
Baseline deviations surface as Config Drift events in Zero Trust Enforcement. This creates a direct link between your configuration expectations and the drift detection system — an administrator reviewing drift events can distinguish between expected changes and unexpected deviations from your stated baseline.
Optional UID and GID tracking toggles control whether numeric ID changes are included in baseline comparisons. Enabling these provides more precise detection for environments where account UID/GID assignments must remain consistent across servers.
Related: Console | Zero Trust Enforcement | Security Architecture
Last updated
Was this helpful?