This page provides a list of recommended secure configuration checks for Dell EMC Elastic Cloud Storage (ECS) systems, and is periodically updated.
Dell EMC ECS is a modern software-defined object storage platform designed for both traditional and next-generation workloads.
System | Category | Configuration check |
Dell EMC ECS | Access Control | Access During Outage |
Dell EMC ECS | Access Control | Access-Control-Allow-Headers setting |
Dell EMC ECS | Access Control | Access-Control-Allow-Methods setting |
Dell EMC ECS | Access Control | Access-Control-Allow-Origin setting |
Dell EMC ECS | Access Control | Access-Control-Expose-Headers setting |
Dell EMC ECS | Access Control | Access-Control-Max-Age setting |
Dell EMC ECS | Access Control | Approved admin user/group |
Dell EMC ECS | Access Control | Approved LDAP Servers |
Dell EMC ECS | Access Control | Authentication provider group whitelist |
Dell EMC ECS | Access Control | Bucket acl |
Dell EMC ECS | Access Control | Bucket default groups |
Dell EMC ECS | Access Control | CAS IP restrictions |
Dell EMC ECS | Access Control | Central Certificate Authority (CA) status |
Dell EMC ECS | Access Control | Certificate issuer |
Dell EMC ECS | Access Control | External key manager configuration |
Dell EMC ECS | Access Control | Firewall status |
Dell EMC ECS | Access Control | Hardening status |
Dell EMC ECS | Access Control | HTTP access |
Dell EMC ECS | Access Control | Inactive user time |
Dell EMC ECS | Access Control | IPMI access mode |
Dell EMC ECS | Access Control | IPMI session type |
Dell EMC ECS | Access Control | Login Banner Status |
Dell EMC ECS | Access Control | Max number of sessions |
Dell EMC ECS | Access Control | Max session duration |
Dell EMC ECS | Access Control | NFS anon user mapping |
Dell EMC ECS | Access Control | Node compliance mode |
Dell EMC ECS | Access Control | Node firewall health |
Dell EMC ECS | Access Control | Node firewall status |
Dell EMC ECS | Access Control | Node lockdown |
Dell EMC ECS | Access Control | Non-default admin local users |
Dell EMC ECS | Access Control | Permission on sensitive directories/files |
Dell EMC ECS | Access Control | Readonly access during outage |
Dell EMC ECS | Access Control | Remote support configuration |
Dell EMC ECS | Access Control | Remote support status |
Dell EMC ECS | Access Control | Session timeout |
Dell EMC ECS | Access Control | Session timeout (UI) |
Dell EMC ECS | Access Control | SNMP trap receiver |
Dell EMC ECS | Access Control | SNMP version |
Dell EMC ECS | Access Control | User Agreement Text |
Dell EMC ECS | Access Control | Vdc lockdown |
Dell EMC ECS | Audit | Approved external syslog servers |
Dell EMC ECS | Audit | Approved NTP servers |
Dell EMC ECS | Audit | Bucket Audit Delete Expiration |
Dell EMC ECS | Audit | Centralized log server |
Dell EMC ECS | Audit | Centralized log server redundancy |
Dell EMC ECS | Audit | Min severity for syslog |
Dell EMC ECS | Audit | NTP server configuration |
Dell EMC ECS | Audit | NTP server redundancy |
Dell EMC ECS | Audit | NTP service status |
Dell EMC ECS | Audit | Required external syslog servers |
Dell EMC ECS | Audit | Required NTP servers |
Dell EMC ECS | Audit | Syslog facility |
Dell EMC ECS | Audit | Syslog protocol |
Dell EMC ECS | Audit | Syslog status |
Dell EMC ECS | Authentication | [HDFS] Kerberos admin ACL |
Dell EMC ECS | Authentication | [HDFS] Kerberos configuration |
Dell EMC ECS | Authentication | [HDFS] Kerberos status |
Dell EMC ECS | Authentication | Account lockout threshold |
Dell EMC ECS | Authentication | Default passwords |
Dell EMC ECS | Authentication | IPMI anonymous user access |
Dell EMC ECS | Authentication | IPMI authentication type |
Dell EMC ECS | Authentication | IPMI default password |
Dell EMC ECS | Authentication | IPMI per message authentication |
Dell EMC ECS | Authentication | IPMI user level authentication |
Dell EMC ECS | Authentication | IPMI user list |
Dell EMC ECS | Authentication | LDAP server configuration |
Dell EMC ECS | Authentication | LDAP Server redundancy |
Dell EMC ECS | Authentication | Max password age |
Dell EMC ECS | Authentication | Min number of lowercase password chars |
Dell EMC ECS | Authentication | Min number of password numeric chars |
Dell EMC ECS | Authentication | Min number of password special chars |
Dell EMC ECS | Authentication | Min number of uppercase password chars |
Dell EMC ECS | Authentication | Min password age |
Dell EMC ECS | Authentication | Min password char change |
Dell EMC ECS | Authentication | NFS authentication settings |
Dell EMC ECS | Authentication | NFS root user mapping |
Dell EMC ECS | Authentication | Password length |
Dell EMC ECS | Authentication | Password reuse |
Dell EMC ECS | Authentication | Password rule status |
Dell EMC ECS | Authentication | Rack switch SNMP community string |
Dell EMC ECS | Authentication | Required LDAP Servers |
Dell EMC ECS | Authentication | SNMP authentication |
Dell EMC ECS | Authentication | SNMP authentication algorithm strength |
Dell EMC ECS | Authentication | SNMP community string |
Dell EMC ECS | Authorization | Bucket permission |
Dell EMC ECS | Authorization | Default group directory exec permission |
Dell EMC ECS | Authorization | Default group directory read permission |
Dell EMC ECS | Authorization | Default group directory write permission |
Dell EMC ECS | Authorization | Default group file exec permission |
Dell EMC ECS | Authorization | Default group file read permission |
Dell EMC ECS | Authorization | Default group file write permission |
Dell EMC ECS | Authorization | S3 bucket acl |
Dell EMC ECS | Backup and Recovery | Bucket auto-commit configuration |
Dell EMC ECS | Backup and Recovery | Bucket compliance status |
Dell EMC ECS | Backup and Recovery | Bucket retention enforcemnt |
Dell EMC ECS | Backup and Recovery | Bucket retention settings |
Dell EMC ECS | Backup and Recovery | Default bucket retention |
Dell EMC ECS | Backup and Recovery | Default object lock retention |
Dell EMC ECS | Backup and Recovery | Default object lock retention mode |
Dell EMC ECS | Backup and Recovery | Fixed retention configuration |
Dell EMC ECS | Backup and Recovery | Full replication |
Dell EMC ECS | Backup and Recovery | Namespace compliance status |
Dell EMC ECS | Backup and Recovery | Namespace retention policy configuration |
Dell EMC ECS | Backup and Recovery | Replication configuration |
Dell EMC ECS | Backup and Recovery | Replication mode |
Dell EMC ECS | Backup and Recovery | RPO alert |
Dell EMC ECS | Backup and Recovery | S3 Bucket lock configuration |
Dell EMC ECS | Backup and Recovery | S3 Bucket Versioning |
Dell EMC ECS | Backup and Recovery | Variable retention configuration |
Dell EMC ECS | Backup and Recovery | Varray protection |
Dell EMC ECS | Configuration Management | DNS server configuration |
Dell EMC ECS | Configuration Management | DNS server redundancy |
Dell EMC ECS | Configuration Management | DNS service status |
Dell EMC ECS | Configuration Management | ECS CLI version |
Dell EMC ECS | Configuration Management | ECS streamer version |
Dell EMC ECS | Configuration Management | Fcli health |
Dell EMC ECS | Configuration Management | Firmware version |
Dell EMC ECS | Configuration Management | NFS version |
Dell EMC ECS | Configuration Management | Node list (MACHINES) |
Dell EMC ECS | Configuration Management | Target ECS version |
Dell EMC ECS | Configuration Management | Target node version |
Dell EMC ECS | Configuration Management | xDoctor Auto update status |
Dell EMC ECS | Configuration Management | xDoctor version |
Dell EMC ECS | Encryption | Data encryption enforcement (namespace) |
Dell EMC ECS | Encryption | Email SSL |
Dell EMC ECS | Encryption | Event encryption |
Dell EMC ECS | Encryption | Openssl configuration |
Dell EMC ECS | Encryption | Server side encryption |
Dell EMC ECS | Encryption | SMTP TLS |
Dell EMC ECS | Encryption | SNMP privacy |
Dell EMC ECS | Encryption | SNMP privacy algorithm strength |
Dell EMC ECS | Encryption | SSL certificate status |
Dell EMC ECS | Encryption | TLS level |
Dell EMC ECS | Encryption | Truststore accept_all_certificates |
Dell EMC ECS | Encryption | Use of secure LDAP |
Dell EMC ECS | Encryption | VDC encryption |
Dell EMC ECS | Encryption | xDoctor Auto update secure protocol |
Dell EMC ECS | Information Security | Management, data and replication separation |
Dell EMC ECS | Information Security | NFS exports |
Dell EMC ECS | Information Security | Support data scrubbing |
Dell EMC ECS | Inventory | ECS CLI client list |
Dell EMC ECS | Inventory | ECS node list |
Dell EMC ECS | Inventory | ECS streamer |
Dell EMC ECS | Inventory | ECS switch list |
Dell EMC ECS | Inventory | ECS system list |
Dell EMC ECS | Monitoring | Alert policy configuration |
Dell EMC ECS | Monitoring | Call home state |
Dell EMC ECS | Monitoring | Email events status |
Dell EMC ECS | Monitoring | ESRS configuration |
Dell EMC ECS | Monitoring | ESRS status |
Dell EMC ECS | Monitoring | IPMI alerting |
Dell EMC ECS | Monitoring | SNMP service status |
Dell EMC ECS | Services and Protocols | Filesystem access |
Dell EMC ECS | Services and Protocols | IPMI status |
Dell EMC ECS | Services and Protocols | IPv6 status |
Dell EMC ECS | Services and Protocols | Telnet service status |
Dell EMC ECS | Services and Protocols | Unused services (atmos) |
Dell EMC ECS | Services and Protocols | Unused services (s3) |
Dell EMC ECS | Services and Protocols | Unused services (swift) |
Dell EMC ECS | Services and Protocols | Unused services (nfs) |
Dell EMC ECS | Services and Protocols | Unused services (hdfs) |
Dell EMC ECS | Services and Protocols | Unused services (cas) |
Dell EMC ECS | Services and Protocols | Unused ports |
Dell EMC ECS | Services and Protocols | Disable SNMP if not used |
Dell EMC ECS | Services and Protocols | Disable remote support if not used |
... and more. |
Interested to learn about StorageGuard secure configuration checks for Storage and Backup systems? |
Comments
0 comments
Please sign in to leave a comment.