This page provides a list of recommended secure configuration checks for Dell EMC Unity and is periodically updated. Unity is a hybrid (SAN and NAS) midrange storage system from Dell EMC.
ID | System | Category | Configuration check |
K021100M0100 | Dell EMC Unity | Access Control | Banner check |
K07110000105 | Dell EMC Unity | Access Control | Cloud connection |
K041100MP110 | Dell EMC Unity | Access Control | CloudIQ status |
K071100MP115 | Dell EMC Unity | Access Control | default admin lockout |
K0711000P120 | Dell EMC Unity | Access Control | IPFilter status |
K051100M0125 | Dell EMC Unity | Access Control | IPMI IP ACL |
K071100M0130 | Dell EMC Unity | Access Control | IPMI Serial over LAN |
K021100M0135 | Dell EMC Unity | Access Control | IPMI status |
K071100M0140 | Dell EMC Unity | Access Control | Lockout duration |
K071100M0145 | Dell EMC Unity | Access Control | Lockout threshold |
K071100M0150 | Dell EMC Unity | Access Control | Login Banner status |
K071100M0155 | Dell EMC Unity | Access Control | NFS share IP ACL |
K141100M0160 | Dell EMC Unity | Access Control | Non-default local users |
K0711I0M0165 | Dell EMC Unity | Access Control | Security administrator |
K0711I0M0170 | Dell EMC Unity | Access Control | Session timeout |
K041100M0175 | Dell EMC Unity | Access Control | SMB ACL |
K071100M0180 | Dell EMC Unity | Access Control | Use of remote support policy manager |
K071100M0185 | Dell EMC Unity | Audit Logging | Approved NTP servers |
K07110000190 | Dell EMC Unity | Audit Logging | Approved syslog servers |
K071100M0195 | Dell EMC Unity | Audit Logging | Audit Log retention |
K071100M0200 | Dell EMC Unity | Audit Logging | Centralized log server |
K071100M0205 | Dell EMC Unity | Audit Logging | Centralized log server redundancy |
K071100M0210 | Dell EMC Unity | Audit Logging | NTP server redundancy |
K071100M0215 | Dell EMC Unity | Audit Logging | NTP service status |
K071100M0220 | Dell EMC Unity | Audit Logging | Required NTP servers |
K071100M0225 | Dell EMC Unity | Audit Logging | Required syslog servers |
K091100M0230 | Dell EMC Unity | Audit Logging | syslog minimum severity level |
K071100M0235 | Dell EMC Unity | Audit Logging | Syslog protocol |
K071100M0240 | Dell EMC Unity | Authentication | Approved Authentication server |
K071100M0245 | Dell EMC Unity | Authentication | Authentication server configuration |
K071100M0250 | Dell EMC Unity | Authentication | Authentication server is not secure |
K05110000255 | Dell EMC Unity | Authentication | Authentication server redundancy |
K071100M0260 | Dell EMC Unity | Authentication | CHAP authentication mode |
K071100M0685 | Dell EMC Unity | Authentication | Default password (service) |
K071100M0265 | Dell EMC Unity | Authentication | Default password (Unisphere) |
K021100M0270 | Dell EMC Unity | Authentication | Default passwords |
K071100M0275 | Dell EMC Unity | Authentication | IPMI default password |
K071100M0280 | Dell EMC Unity | Authentication | IPMI user list |
K1111I0M0285 | Dell EMC Unity | Authentication | LDAP authentication strength (NAS server) |
K0711I0M0290 | Dell EMC Unity | Authentication | LDAP SSL |
K0611I0M0295 | Dell EMC Unity | Authentication | Maximum password age |
K071100M0300 | Dell EMC Unity | Authentication | Minimum password length |
K071100M0305 | Dell EMC Unity | Authentication | NFS authentication cache |
K071100M0310 | Dell EMC Unity | Authentication | NFS secure mode (Kerberos) |
K041100M0315 | Dell EMC Unity | Authentication | Password requirements |
K071100M0320 | Dell EMC Unity | Authentication | Password reuse policy |
K0711000P325 | Dell EMC Unity | Authentication | Required Authentication server |
K071100MP330 | Dell EMC Unity | Authentication | self-signed certificate |
K131100M0335 | Dell EMC Unity | Authentication | SNMP authentication protocol |
K051100M0340 | Dell EMC Unity | Authentication | SNMP community default string |
K071100M0345 | Dell EMC Unity | Authentication | SSO status |
K071100M0350 | Dell EMC Unity | Authentication | Windows authentication protocol |
K071100M0355 | Dell EMC Unity | Authorization | Anon user UID/GID |
K071100M0360 | Dell EMC Unity | Authorization | Approved admin group/user |
K071100M0365 | Dell EMC Unity | Authorization | Default NFS access rights |
K071100M0370 | Dell EMC Unity | Authorization | NFS share rights |
K021100M0375 | Dell EMC Unity | Authorization | SMB share rights |
K071100M0380 | Dell EMC Unity | Backup and Recovery | Data copies status |
K051100M0385 | Dell EMC Unity | Backup and Recovery | keystore backup |
K07110000390 | Dell EMC Unity | Backup and Recovery | Replication enabled |
K071100M0395 | Dell EMC Unity | Configuration Management | Approved BMC/BIOS version |
K071100M0400 | Dell EMC Unity | Configuration Management | Approved DNS servers |
K07110000405 | Dell EMC Unity | Configuration Management | Approved Proxy server |
K041100M0410 | Dell EMC Unity | Configuration Management | DNS server redundancy |
K071100M0415 | Dell EMC Unity | Configuration Management | DNS service status |
K071100M0420 | Dell EMC Unity | Configuration Management | IPv6 status |
K071100M0425 | Dell EMC Unity | Configuration Management | Packet reflection status |
K131100M0430 | Dell EMC Unity | Configuration Management | Required DNS servers |
K071100M0435 | Dell EMC Unity | Configuration Management | Target Unity Drive Firmware |
K0211000P440 | Dell EMC Unity | Configuration Management | Target Unity OE |
K071100M0445 | Dell EMC Unity | Data Integrity | SMB signing |
K071100M0450 | Dell EMC Unity | Encryption | Central Certificate Authority (CA) status |
K071100M0455 | Dell EMC Unity | Encryption | Certificate issuer |
K071100o0460 | Dell EMC Unity | Encryption | Certificate public key algorithm |
K071100M0465 | Dell EMC Unity | Encryption | Certificate signature algorithm strength |
K071100M0470 | Dell EMC Unity | Encryption | Certificate Thumbprint Algorithm |
K1211I0M0475 | Dell EMC Unity | Encryption | Certificate type |
K071100M0480 | Dell EMC Unity | Encryption | D@RE mode |
K071100M0485 | Dell EMC Unity | Encryption | Encryption status |
K051100M0490 | Dell EMC Unity | Encryption | IPMI security |
K071100M0495 | Dell EMC Unity | Encryption | Kerberos encryption strength |
K071100M0500 | Dell EMC Unity | Encryption | KMIP status |
K071100M0505 | Dell EMC Unity | Encryption | Proxy server secure (use socks) |
K071100M0510 | Dell EMC Unity | Encryption | SMB Encryption |
K041100M0515 | Dell EMC Unity | Encryption | SMTP security |
K071100MP520 | Dell EMC Unity | Encryption | SNMP privacy protocol |
K071100M0525 | Dell EMC Unity | Encryption | SSL key bitcount |
K071100M0530 | Dell EMC Unity | Encryption | Support proxy transport type |
K071100M0535 | Dell EMC Unity | Encryption | TLS level |
K071100M0540 | Dell EMC Unity | Encryption | TLS security level |
K071100M0545 | Dell EMC Unity | Encryption | Valid non-expired certificates are used |
K071100M0550 | Dell EMC Unity | Hardening | FIPS mode status |
K021100M0555 | Dell EMC Unity | Hardening | IPMI power control |
K07110000560 | Dell EMC Unity | Hardening | Restricted shell mode |
K0711I0M0565 | Dell EMC Unity | Hardening | root user |
K071100M0570 | Dell EMC Unity | Hardening | STIG mode |
K071100M0575 | Dell EMC Unity | Malware Protection | Antivirus scan enabled |
K071100M0580 | Dell EMC Unity | Monitoring | Approved SNMP trap hosts |
K071100M0585 | Dell EMC Unity | Monitoring | Email notification |
K071100M0590 | Dell EMC Unity | Monitoring | Remote support configuration |
K071100M0595 | Dell EMC Unity | Monitoring | Remote support status |
K041100M0600 | Dell EMC Unity | Monitoring | SMTP authentication |
K071100M0605 | Dell EMC Unity | Monitoring | SNMP minimum storage alerts level |
K071100M0610 | Dell EMC Unity | Monitoring | SNMP trap host configuration |
K051100M0615 | Dell EMC Unity | Services and Protocols | Enabled SMB versions |
K071100MP620 | Dell EMC Unity | Services and Protocols | HTTP status |
K071100M0625 | Dell EMC Unity | Services and Protocols | iSCSI service status |
K071100M0630 | Dell EMC Unity | Services and Protocols | NDMP service status |
K071100M0635 | Dell EMC Unity | Services and Protocols | NFS security |
K071100M0640 | Dell EMC Unity | Services and Protocols | NFS service status |
K071100M0645 | Dell EMC Unity | Services and Protocols | NFS versions enabled |
K021100M0650 | Dell EMC Unity | Services and Protocols | NIS enabled |
K0711I0M0655 | Dell EMC Unity | Services and Protocols | SMB service status |
K041100M0660 | Dell EMC Unity | Services and Protocols | SMBv1 status |
K071100M0665 | Dell EMC Unity | Services and Protocols | SNMP status |
K121100M0670 | Dell EMC Unity | Services and Protocols | SNMP versions enabled |
K071100MP675 | Dell EMC Unity | Services and Protocols | SSH status |
K071100M0680 | Dell EMC Unity | Services and Protocols | Telnet service status |
... and more. |
NOTE: Security baseline checks should be performed also against additional components such as Dell EMC PowerShell for Unity, PowerPath, Unisphere and other related components.
Interested to learn about StorageGuard secure configuration checks for Unity?
|
||
|
|
Comments
0 comments
Please sign in to leave a comment.