This page provides a list of recommended secure configuration checks for Dell Connectrix MDS FC directors and switches, and is periodically updated. Dell Connectrix MDS storage networking switches connect servers and storage devices in a Storage Area Network (SAN).
Interested to learn about StorageGuard Benchmark Checks for Dell Connectrix? |
||
|
|
ID | System | Category | Configuration check |
K0319000P100 | Connectrix MDS Series | Access Control | Absolute session timeout |
K03190000105 | Connectrix MDS Series | Access Control | Banner (motd) status |
K0319000P110 | Connectrix MDS Series | Access Control | Banner (motd) message |
K0819000P115 | Connectrix MDS Series | Access Control | Default FC port mode |
K0319000P120 | Connectrix MDS Series | Access Control | Default port state |
K0319000P125 | Connectrix MDS Series | Access Control | Default zone policy |
K0319000P130 | Connectrix MDS Series | Access Control | Fabric binding state |
K021900MP135 | Connectrix MDS Series | Access Control | Fabric-binding activated |
K0219000P140 | Connectrix MDS Series | Access Control | FC-CT management status |
K0219000P145 | Connectrix MDS Series | Access Control | Idle session timeout |
K0219000P150 | Connectrix MDS Series | Access Control | IP ACL configuration |
K0219000P155 | Connectrix MDS Series | Access Control | Iscsi initiator idle-timeout |
K0219000P160 | Connectrix MDS Series | Access Control | Non-default local users |
K0219000P165 | Connectrix MDS Series | Access Control | Port security activated for VSAN |
K0219000P170 | Connectrix MDS Series | Access Control | Port security distribution |
K0219000P175 | Connectrix MDS Series | Access Control | Port security feature status |
K0219000P180 | Connectrix MDS Series | Access Control | SAN Fabric zone member identification |
K0219000P185 | Connectrix MDS Series | Access Control | Unused zone members |
K0219000P190 | Connectrix MDS Series | Access Control | Unused zones |
K02190000195 | Connectrix MDS Series | Access Control | VSAN security auto-learning |
K021900MP200 | Connectrix MDS Series | Audit | Approved NTP servers |
K0219000P205 | Connectrix MDS Series | Audit | Approved syslog servers |
K0219000P210 | Connectrix MDS Series | Audit | Audit logging status |
K0319000P215 | Connectrix MDS Series | Audit | Centralized log server |
K0319000P220 | Connectrix MDS Series | Audit | Event types enabled for audit logging |
K0319000P225 | Connectrix MDS Series | Audit | External syslog server redundancy |
K0319000P230 | Connectrix MDS Series | Audit | NTP server redundancy |
K0219000P235 | Connectrix MDS Series | Audit | NTP service status |
K0319000P240 | Connectrix MDS Series | Audit | Required NTP servers |
K0319000P245 | Connectrix MDS Series | Audit | Required syslog servers |
K0519000P250 | Connectrix MDS Series | Authentication | aaa configuration |
K051900MP255 | Connectrix MDS Series | Authentication | Account lockout duration enforcement |
K0519000P260 | Connectrix MDS Series | Authentication | Account lockout threshold |
K0519000P265 | Connectrix MDS Series | Authentication | Account lockout threshold enforcement |
K0519000P270 | Connectrix MDS Series | Authentication | Approved Identity (RADIUS) provider servers |
K0519000P275 | Connectrix MDS Series | Authentication | Approved Identity (TACACS+) provider servers |
K05190000280 | Connectrix MDS Series | Authentication | Approved Identity provider (LDAP) servers |
K0519000P285 | Connectrix MDS Series | Authentication | Authentication server configuration |
K051900MP290 | Connectrix MDS Series | Authentication | Authentication server redundancy |
K0519000P295 | Connectrix MDS Series | Authentication | Default passwords |
K0519000P300 | Connectrix MDS Series | Authentication | DHCHAP authentication timeout |
K0519000P305 | Connectrix MDS Series | Authentication | DHCHAP DH group |
K0519000P310 | Connectrix MDS Series | Authentication | DHCHAP hash algorithm |
K071900MP315 | Connectrix MDS Series | Authentication | DHCHAP mode |
K051900MP320 | Connectrix MDS Series | Authentication | FCSP (DHCHAP) status |
K071900MP316 | Connectrix MDS Series | Authentication | LDAP server Redundancy |
K051900MP321 | Connectrix MDS Series | Authentication | Maximum password age |
K071900MP317 | Connectrix MDS Series | Authentication | Maximum password lifetime |
K051900M0322 | Connectrix MDS Series | Authentication | Minimum account lockout duration |
K071900MP318 | Connectrix MDS Series | Authentication | Minimum password length |
K051900MP323 | Connectrix MDS Series | Authentication | Password change grace time |
K071900MP319 | Connectrix MDS Series | Authentication | Password change security |
K051900MP324 | Connectrix MDS Series | Authentication | Required Identity provider (LDAP) servers |
K071900MP320 | Connectrix MDS Series | Authentication | Required Identity provider (RADIUS) servers |
K051900MP325 | Connectrix MDS Series | Authentication | Required Identity provider (TACACS+) servers |
K071900MP321 | Connectrix MDS Series | Authentication | SNMP community default string |
K051900MP326 | Connectrix MDS Series | Authentication | SNMP user authentication |
K071900MP322 | Connectrix MDS Series | Authentication | Strong dhchap secret |
K051900MP327 | Connectrix MDS Series | Authentication | Watch-for-login-attacks feature |
K071900MP323 | Connectrix MDS Series | Authorization | Approved admin users / groups |
K051900MP328 | Connectrix MDS Series | Authorization | Default role configuration |
K071900MP324 | Connectrix MDS Series | Authorization | User role association |
K051900MP329 | Connectrix MDS Series | Authorization | User role configuration |
K071900MP325 | Connectrix MDS Series | Backup and Recovery | Configuration backup |
K051900MP330 | Connectrix MDS Series | Configuration Management | Approved DNS servers |
K071900M0326 | Connectrix MDS Series | Configuration Management | Approved OS release installed |
K051900MP331 | Connectrix MDS Series | Configuration Management | DNS server redundancy |
K1419000P435 | Connectrix MDS Series | Configuration Management | DNS service status |
K1419000P440 | Connectrix MDS Series | Configuration Management | ENTERPRISE_PKG license |
K1419000P445 | Connectrix MDS Series | Configuration Management | Persistent port security configuration |
K1419000P450 | Connectrix MDS Series | Configuration Management | Power Supply Mode |
K1419000P455 | Connectrix MDS Series | Configuration Management | Remote support configuration |
K0319000P460 | Connectrix MDS Series | Configuration Management | Remote Support status |
K0319000P465 | Connectrix MDS Series | Configuration Management | Required DNS servers |
K0319000P470 | Connectrix MDS Series | Configuration Management | Target MDS software release |
K0319000P475 | Connectrix MDS Series | Encryption | Central Certificate Authority (CA) status |
K0319000P480 | Connectrix MDS Series | Encryption | Certificate issuer |
K0319000P485 | Connectrix MDS Series | Encryption | Certificate signature algorithm |
K0319000P490 | Connectrix MDS Series | Encryption | Certificate validity |
K0319000P495 | Connectrix MDS Series | Encryption | CRL configuration |
K0319000P500 | Connectrix MDS Series | Encryption | ESP mode |
K0319000P505 | Connectrix MDS Series | Encryption | ESP status |
K0319000P510 | Connectrix MDS Series | Encryption | ike status |
K0319000P515 | Connectrix MDS Series | Encryption | ike version |
K0319000P520 | Connectrix MDS Series | Encryption | IPSec authentication method |
K03190000525 | Connectrix MDS Series | Encryption | IPsec configuration |
K1819000P530 | Connectrix MDS Series | Encryption | IPSec hash algorithm |
K1819I00P535 | Connectrix MDS Series | Encryption | IPSec keepalive |
K1819I00P540 | Connectrix MDS Series | Encryption | IPSec lifetime |
K1819I00P545 | Connectrix MDS Series | Encryption | IPSec policy |
K1819I00P550 | Connectrix MDS Series | Encryption | Key type |
K1819I00P555 | Connectrix MDS Series | Encryption | password hash strength |
K1819I00P560 | Connectrix MDS Series | Encryption | Password strength enforcement |
K1819I00P565 | Connectrix MDS Series | Encryption | Self-signed certificate |
K1819I00P570 | Connectrix MDS Series | Encryption | SNMP message privacy enforcement |
K1819I00P575 | Connectrix MDS Series | Encryption | SNMP user privacy |
K1819I00P580 | Connectrix MDS Series | Encryption | SSH key bitcount |
K1819I00P585 | Connectrix MDS Series | Encryption | SSL certificate status |
K1819I00P590 | Connectrix MDS Series | Encryption | Strong password encryption |
K1819I00P595 | Connectrix MDS Series | Encryption | TLS level check |
K1819I00P600 | Connectrix MDS Series | Encryption | Weak key exchange algorithms are disabled |
K1819I00P605 | Connectrix MDS Series | Encryption | Weak SSH ciphers are disabled |
K0319000P610 | Connectrix MDS Series | Encryption | Weak SSH MACs are disabled |
K0319000P615 | Connectrix MDS Series | Hardening | FIPS mode status |
K0319000P620 | Connectrix MDS Series | Services and Protocols | HTTP service status |
K0319000P625 | Connectrix MDS Series | Services and Protocols | SCP status |
K03190000630 | Connectrix MDS Series | Services and Protocols | SFTP status |
K0319000P635 | Connectrix MDS Series | Services and Protocols | SNMP status |
K03190000640 | Connectrix MDS Series | Services and Protocols | SNMP versions enabled |
K1319000P645 | Connectrix MDS Series | Services and Protocols | SSH login attempts |
K0319000P650 | Connectrix MDS Series | Services and Protocols | SSHv1 status |
K03190000655 | Connectrix MDS Series | Services and Protocols | Telnet service status |
K0919000P660 | Connectrix MDS Series | Services and Protocols | TFTP/FTP status |
... and more. |
NOTE: Additional security baseline checks should be performed against Dell Connectrix Cisco Nexus Dashboard Fabric Controller, Data Center Network Manager (DCNM) and other Connectrix components.
Interested to learn about StorageGuard Security Posture Management for Connectrix?
|
||
|
|
Comments
0 comments
Please sign in to leave a comment.