This page provides a list of recommended secure configuration checks (benchmark) for Dell EMC PowerMax, and is periodically updated. PowerMax is Dell EMC's flagship enterprise data storage system.
Interested to learn about StorageGuard Benchmark Checks for Dell PowerMax? |
||
|
|
ID | System | Category | Configuration check |
K070100MP100 | Dell PowerMax | Access Control | Approved Solutions Enabler (SE) management servers |
K07010000105 | Dell PowerMax | Access Control | Approved SYMAPI/SYMCLI client hosts |
K020100M0110 | Dell PowerMax | Access Control | Cloud IQ status |
K0701I0M0115 | Dell PowerMax | Access Control | EMC ECOM external connection limit per host |
K070100M0120 | Dell PowerMax | Access Control | ESRS Policy Manager 'Start Remote Terminal' setting |
K020100M0125 | Dell PowerMax | Access Control | FCID Lockdown |
K020100M0130 | Dell PowerMax | Access Control | LUN masking |
K070100MP135 | Dell PowerMax | Access Control | Non-default local administrative user accounts |
K070100MP140 | Dell PowerMax | Access Control | Non-default local user accounts |
K030100M0145 | Dell PowerMax | Access Control | Remote support configuration |
K03010000150 | Dell PowerMax | Access Control | SE Host access list |
K070100M0155 | Dell PowerMax | Access Control | Security Administrator user |
K070100M0160 | Dell PowerMax | Access Control | SYMAPI server session restrictions |
K070100M0165 | Dell PowerMax | Access Control | Unauthorized user groups |
K070100M0170 | Dell PowerMax | Access Control | Unisphere Session timeout |
K0701I0M0175 | Dell PowerMax | Audit | Approved syslog servers |
K0901I0M0180 | Dell PowerMax | Audit | Centralized log server redundancy |
K090100M0185 | Dell PowerMax | Audit | EMC ECOM CST logging status |
K070100M0190 | Dell PowerMax | Audit | EMC ECOM security logging enabled |
K070100M0195 | Dell PowerMax | Audit | SE Background Audit logging |
K070100M0200 | Dell PowerMax | Audit | SE centralized log server |
K070100M0205 | Dell PowerMax | Audit | SE event / syslog configuration |
K070100M0210 | Dell PowerMax | Audit | SE host NTP server configuration |
K070100M0215 | Dell PowerMax | Audit | SE host NTP server redundancy |
K0701000P220 | Dell PowerMax | Audit | SE Local audit log retention |
K070100M0225 | Dell PowerMax | Authentication | Central authentication |
K070100M0230 | Dell PowerMax | Authentication | Cross-host authentication for client-server comm |
K070100M0235 | Dell PowerMax | Authentication | Default password (Dell EMC SRM) |
K070100M0240 | Dell PowerMax | Authentication | Default password (EMC Solutions Integration Service) |
K070100M0245 | Dell PowerMax | Authentication | Default password (EMC ViPR, ViPR reporting) |
K070100M0250 | Dell PowerMax | Authentication | Default password (EMC VSI for VMware vSphere Web Client) |
K070100M0255 | Dell PowerMax | Authentication | Default password (ESRS Policy Manager Server) |
K070100M0260 | Dell PowerMax | Authentication | Default password (Unisphere) |
K070100M0265 | Dell PowerMax | Authentication | Default password (VASA/SE Virtual Appliance) |
K07010000270 | Dell PowerMax | Authentication | Default passwords |
K070100M0275 | Dell PowerMax | Authentication | Default SNMP strings |
K070100M0280 | Dell PowerMax | Authentication | EMC ECOM certificate authentication status |
K070100M0285 | Dell PowerMax | Authentication | EMC ECOM CIMRequest authentication |
K070100M0290 | Dell PowerMax | Authentication | EMC ECOM CST authentication cache refresh interval |
K070100M0295 | Dell PowerMax | Authentication | EMC ECOM HTTP challenge mechanism |
K070100M0300 | Dell PowerMax | Authentication | EMC ECOM Non-CIMRequest authentication status |
K070100M0305 | Dell PowerMax | Authentication | EMC ECOM SSL client authentication |
K070100M0310 | Dell PowerMax | Authentication | EMC ECOM SSL server authentication |
K07010000315 | Dell PowerMax | Authentication | Enhanced (Kerberos) user authentication |
K070100M0320 | Dell PowerMax | Authentication | iSCSI - RADIUS configuration |
K0701000P325 | Dell PowerMax | Authentication | iSCSI CHAP authentication |
K070100M0330 | Dell PowerMax | Authentication | Maximum password age |
K070100M0335 | Dell PowerMax | Authentication | SYMAPI Access ID |
K070100M0340 | Dell PowerMax | Authorization | Log event file permission |
K070100M0345 | Dell PowerMax | Authorization | Authorization control disabled |
K070100M0350 | Dell PowerMax | Authorization | Authorization control enforcement mode |
K070100M0355 | Dell PowerMax | Authorization | Secure view of user authorization rules |
K070100M0360 | Dell PowerMax | Authorization | Secure view of user authorization rules |
K070100M0365 | Dell PowerMax | Authorization | storsrvd directory access restriction |
K070100M0370 | Dell PowerMax | Authorization | SYMCLI directory permissions |
K070100M0375 | Dell PowerMax | Authorization | SYMCLI file permissions |
K070100M0380 | Dell PowerMax | Backup and Recovery | GNS DB backup |
K070100M0385 | Dell PowerMax | Backup and Recovery | Remote replication |
K060100M0390 | Dell PowerMax | Backup and Recovery | Secure snaps |
K060100M0395 | Dell PowerMax | Backup and Recovery | Snapshot retention |
K070100M0400 | Dell PowerMax | Configuration Management | Central Certificate Authority (CA) |
K070100M0405 | Dell PowerMax | Configuration Management | Dell EMC AppSync version |
K070100M0410 | Dell PowerMax | Configuration Management | Dell EMC Unisphere 360 version |
K07010000415 | Dell PowerMax | Configuration Management | DNS configuration |
K070100M0420 | Dell PowerMax | Configuration Management | Embedded Unisphere for PowerMax (eMGMT) |
K070100M0425 | Dell PowerMax | Configuration Management | EMC SRDF/Cluster Enabler Plug-in version |
K070100MP430 | Dell PowerMax | Configuration Management | eNAS management interface |
K110100M0435 | Dell PowerMax | Configuration Management | eNAS version |
K1101I0M0440 | Dell PowerMax | Configuration Management | Enginuity patch level |
K0701I0M0445 | Dell PowerMax | Configuration Management | Certificate issuer |
K0701I0M0450 | Dell PowerMax | Configuration Management | SSL certificate status |
K070100M0455 | Dell PowerMax | Configuration Management | Key server |
K070100M0460 | Dell PowerMax | Configuration Management | Mainframe Enablers version |
K070100M0465 | Dell PowerMax | Configuration Management | Solutions Enabler version |
K070100M0470 | Dell PowerMax | Configuration Management | SRDF Adapter for VMware Site Recovery Manager version |
K070100M0475 | Dell PowerMax | Configuration Management | SYMAPI host configuration |
K070100M0480 | Dell PowerMax | Configuration Management | Target array microcode version |
K070100M0485 | Dell PowerMax | Configuration Management | Target SYMAPI version |
K070100M0490 | Dell PowerMax | Configuration Management | Unisphere for PowerMax version |
K07010000495 | Dell PowerMax | Encryption | Data encryption at-rest |
K070100M0500 | Dell PowerMax | Encryption | EMC ECOM encryption algorithm |
K070100M0505 | Dell PowerMax | Encryption | EMC ECOM roles file encryption |
K020100M0510 | Dell PowerMax | Encryption | EMC ECOM SSL cipher suite |
K07010000515 | Dell PowerMax | Encryption | EMC ECOM SSL/TLS protocol |
K070100M0520 | Dell PowerMax | Encryption | http service status |
K070100M0525 | Dell PowerMax | Encryption | iSCSI - Wire encryption (IPSec) |
K070100M0530 | Dell PowerMax | Encryption | LUN data-at-rest encryption |
K070100M0535 | Dell PowerMax | Encryption | NONSECURE/ANY connection |
K070100MP540 | Dell PowerMax | Encryption | PowerPath Encryption |
K070100M0545 | Dell PowerMax | Encryption | SE client security level |
K070100M0550 | Dell PowerMax | Encryption | Secure management server communication |
K070100M0555 | Dell PowerMax | Encryption | SYMAPI encryption |
K070100M0560 | Dell PowerMax | Encryption | SYMAPI SSL cipher suite strength |
K0301I0M0565 | Dell PowerMax | Encryption | TLS level check |
K070100M0570 | Dell PowerMax | Hardening | EMC ECOM FIPS mode |
K070100M0575 | Dell PowerMax | Hardening | SYMAPI FIPS mode |
K0701I0M0580 | Dell PowerMax | Hardening | SYMAPI strict certificate client name validation |
K070100MP585 | Dell PowerMax | Hardening | Storsrvd daemon restriction |
K070100M0590 | Dell PowerMax | Monitoring | Email notification settings |
K070100M0595 | Dell PowerMax | Monitoring | SNMP active clients |
K070100M0600 | Dell PowerMax | Monitoring | SNMP services status |
K070100M0605 | Dell PowerMax | Monitoring | SNMP trap client configuration |
K070100M0610 | Dell PowerMax | Monitoring | Unisphere SMTP server configuration |
K070100M0615 | Dell PowerMax | Services and Protocols | HTTP port disabled |
K070100M0620 | Dell PowerMax | Services and Protocols | Telnet service status |
... and more. |
NOTE: Secure configuration checks should be performed also against additional components such as AppSync, Unisphere 360, Solutions Enabler and other related components.
Comments
0 comments
Please sign in to leave a comment.