This page provides a list of recommended secure configuration checks for Dell EMC PowerMax, and is periodically updated. PowerMax is Dell EMC's flagship enterprise data storage system.
ID | System | Category | Configuration check |
K070100MP100 | Dell EMC PowerMax | Access Control | Approved Solutions Enabler (SE) management servers |
K07010000105 | Dell EMC PowerMax | Access Control | Approved SYMAPI/SYMCLI client hosts |
K020100M0110 | Dell EMC PowerMax | Access Control | Cloud IQ status |
K0701I0M0115 | Dell EMC PowerMax | Access Control | EMC ECOM external connection limit per host |
K070100M0120 | Dell EMC PowerMax | Access Control | ESRS Policy Manager 'Start Remote Terminal' setting |
K020100M0125 | Dell EMC PowerMax | Access Control | FCID Lockdown |
K020100M0130 | Dell EMC PowerMax | Access Control | LUN masking |
K070100MP135 | Dell EMC PowerMax | Access Control | Non-default local administrative user accounts |
K070100MP140 | Dell EMC PowerMax | Access Control | Non-default local user accounts |
K030100M0145 | Dell EMC PowerMax | Access Control | Remote support configuration |
K03010000150 | Dell EMC PowerMax | Access Control | SE Host access list |
K070100M0155 | Dell EMC PowerMax | Access Control | Security Administrator user |
K070100M0160 | Dell EMC PowerMax | Access Control | SYMAPI server session restrictions |
K070100M0165 | Dell EMC PowerMax | Access Control | Unauthorized user groups |
K070100M0170 | Dell EMC PowerMax | Access Control | Unisphere Session timeout |
K0701I0M0175 | Dell EMC PowerMax | Audit | Approved syslog servers |
K0901I0M0180 | Dell EMC PowerMax | Audit | Centralized log server redundancy |
K090100M0185 | Dell EMC PowerMax | Audit | EMC ECOM CST logging status |
K070100M0190 | Dell EMC PowerMax | Audit | EMC ECOM security logging enabled |
K070100M0195 | Dell EMC PowerMax | Audit | SE Background Audit logging |
K070100M0200 | Dell EMC PowerMax | Audit | SE centralized log server |
K070100M0205 | Dell EMC PowerMax | Audit | SE event / syslog configuration |
K070100M0210 | Dell EMC PowerMax | Audit | SE host NTP server configuration |
K070100M0215 | Dell EMC PowerMax | Audit | SE host NTP server redundancy |
K0701000P220 | Dell EMC PowerMax | Audit | SE Local audit log retention |
K070100M0225 | Dell EMC PowerMax | Authentication | Central authentication |
K070100M0230 | Dell EMC PowerMax | Authentication | Cross-host authentication for client-server comm |
K070100M0235 | Dell EMC PowerMax | Authentication | Default password (Dell EMC SRM) |
K070100M0240 | Dell EMC PowerMax | Authentication | Default password (EMC Solutions Integration Service) |
K070100M0245 | Dell EMC PowerMax | Authentication | Default password (EMC ViPR, ViPR reporting) |
K070100M0250 | Dell EMC PowerMax | Authentication | Default password (EMC VSI for VMware vSphere Web Client) |
K070100M0255 | Dell EMC PowerMax | Authentication | Default password (ESRS Policy Manager Server) |
K070100M0260 | Dell EMC PowerMax | Authentication | Default password (Unisphere) |
K070100M0265 | Dell EMC PowerMax | Authentication | Default password (VASA/SE Virtual Appliance) |
K07010000270 | Dell EMC PowerMax | Authentication | Default passwords |
K070100M0275 | Dell EMC PowerMax | Authentication | Default SNMP strings |
K070100M0280 | Dell EMC PowerMax | Authentication | EMC ECOM certificate authentication status |
K070100M0285 | Dell EMC PowerMax | Authentication | EMC ECOM CIMRequest authentication |
K070100M0290 | Dell EMC PowerMax | Authentication | EMC ECOM CST authentication cache refresh interval |
K070100M0295 | Dell EMC PowerMax | Authentication | EMC ECOM HTTP challenge mechanism |
K070100M0300 | Dell EMC PowerMax | Authentication | EMC ECOM Non-CIMRequest authentication status |
K070100M0305 | Dell EMC PowerMax | Authentication | EMC ECOM SSL client authentication |
K070100M0310 | Dell EMC PowerMax | Authentication | EMC ECOM SSL server authentication |
K07010000315 | Dell EMC PowerMax | Authentication | Enhanced (Kerberos) user authentication |
K070100M0320 | Dell EMC PowerMax | Authentication | iSCSI - RADIUS configuration |
K0701000P325 | Dell EMC PowerMax | Authentication | iSCSI CHAP authentication |
K070100M0330 | Dell EMC PowerMax | Authentication | Maximum password age |
K070100M0335 | Dell EMC PowerMax | Authentication | SYMAPI Access ID |
K070100M0340 | Dell EMC PowerMax | Authorization | Log event file permission |
K070100M0345 | Dell EMC PowerMax | Authorization | Authorization control disabled |
K070100M0350 | Dell EMC PowerMax | Authorization | Authorization control enforcement mode |
K070100M0355 | Dell EMC PowerMax | Authorization | Secure view of user authorization rules |
K070100M0360 | Dell EMC PowerMax | Authorization | Secure view of user authorization rules |
K070100M0365 | Dell EMC PowerMax | Authorization | storsrvd directory access restriction |
K070100M0370 | Dell EMC PowerMax | Authorization | SYMCLI directory permissions |
K070100M0375 | Dell EMC PowerMax | Authorization | SYMCLI file permissions |
K070100M0380 | Dell EMC PowerMax | Backup and Recovery | GNS DB backup |
K070100M0385 | Dell EMC PowerMax | Backup and Recovery | Remote replication |
K060100M0390 | Dell EMC PowerMax | Backup and Recovery | Secure snaps |
K060100M0395 | Dell EMC PowerMax | Backup and Recovery | Snapshot retention |
K070100M0400 | Dell EMC PowerMax | Configuration Management | Central Certificate Authority (CA) |
K070100M0405 | Dell EMC PowerMax | Configuration Management | Dell EMC AppSync version |
K070100M0410 | Dell EMC PowerMax | Configuration Management | Dell EMC Unisphere 360 version |
K07010000415 | Dell EMC PowerMax | Configuration Management | DNS configuration |
K070100M0420 | Dell EMC PowerMax | Configuration Management | Embedded Unisphere for PowerMax (eMGMT) |
K070100M0425 | Dell EMC PowerMax | Configuration Management | EMC SRDF/Cluster Enabler Plug-in version |
K070100MP430 | Dell EMC PowerMax | Configuration Management | eNAS management interface |
K110100M0435 | Dell EMC PowerMax | Configuration Management | eNAS version |
K1101I0M0440 | Dell EMC PowerMax | Configuration Management | Enginuity patch level |
K0701I0M0445 | Dell EMC PowerMax | Configuration Management | Certificate issuer |
K0701I0M0450 | Dell EMC PowerMax | Configuration Management | SSL certificate status |
K070100M0455 | Dell EMC PowerMax | Configuration Management | Key server |
K070100M0460 | Dell EMC PowerMax | Configuration Management | Mainframe Enablers version |
K070100M0465 | Dell EMC PowerMax | Configuration Management | Solutions Enabler version |
K070100M0470 | Dell EMC PowerMax | Configuration Management | SRDF Adapter for VMware Site Recovery Manager version |
K070100M0475 | Dell EMC PowerMax | Configuration Management | SYMAPI host configuration |
K070100M0480 | Dell EMC PowerMax | Configuration Management | Target array microcode version |
K070100M0485 | Dell EMC PowerMax | Configuration Management | Target SYMAPI version |
K070100M0490 | Dell EMC PowerMax | Configuration Management | Unisphere for PowerMax version |
K07010000495 | Dell EMC PowerMax | Encryption | Data encryption at-rest |
K070100M0500 | Dell EMC PowerMax | Encryption | EMC ECOM encryption algorithm |
K070100M0505 | Dell EMC PowerMax | Encryption | EMC ECOM roles file encryption |
K020100M0510 | Dell EMC PowerMax | Encryption | EMC ECOM SSL cipher suite |
K07010000515 | Dell EMC PowerMax | Encryption | EMC ECOM SSL/TLS protocol |
K070100M0520 | Dell EMC PowerMax | Encryption | http service status |
K070100M0525 | Dell EMC PowerMax | Encryption | iSCSI - Wire encryption (IPSec) |
K070100M0530 | Dell EMC PowerMax | Encryption | LUN data-at-rest encryption |
K070100M0535 | Dell EMC PowerMax | Encryption | NONSECURE/ANY connection |
K070100MP540 | Dell EMC PowerMax | Encryption | PowerPath Encryption |
K070100M0545 | Dell EMC PowerMax | Encryption | SE client security level |
K070100M0550 | Dell EMC PowerMax | Encryption | Secure management server communication |
K070100M0555 | Dell EMC PowerMax | Encryption | SYMAPI encryption |
K070100M0560 | Dell EMC PowerMax | Encryption | SYMAPI SSL cipher suite strength |
K0301I0M0565 | Dell EMC PowerMax | Encryption | TLS level check |
K070100M0570 | Dell EMC PowerMax | Hardening | EMC ECOM FIPS mode |
K070100M0575 | Dell EMC PowerMax | Hardening | SYMAPI FIPS mode |
K0701I0M0580 | Dell EMC PowerMax | Hardening | SYMAPI strict certificate client name validation |
K070100MP585 | Dell EMC PowerMax | Hardening | Storsrvd daemon restriction |
K070100M0590 | Dell EMC PowerMax | Monitoring | Email notification settings |
K070100M0595 | Dell EMC PowerMax | Monitoring | SNMP active clients |
K070100M0600 | Dell EMC PowerMax | Monitoring | SNMP services status |
K070100M0605 | Dell EMC PowerMax | Monitoring | SNMP trap client configuration |
K070100M0610 | Dell EMC PowerMax | Monitoring | Unisphere SMTP server configuration |
K070100M0615 | Dell EMC PowerMax | Services and Protocols | HTTP port disabled |
K070100M0620 | Dell EMC PowerMax | Services and Protocols | Telnet service status |
... and more. |
NOTE: Secure configuration checks should be performed also against additional components such as AppSync, Unisphere 360, Solutions Enabler and other related components.
Interested to learn about StorageGuard secure configuration checks for PowerMax?
|
||
|
|
Comments
0 comments
Please sign in to leave a comment.