This page provides a list of recommended secure configuration checks for Dell EMC PowerScale, and is periodically updated.
Dell EMC PowerScale is an enterprise network-attached storage (NAS) platforms for high-volume storage, backup and archiving of unstructured data.
System | Category | Configuration check |
Dell EMC PowerScale | Access Control | /ifs root share status |
Dell EMC PowerScale | Access Control | Access Based Enumeration |
Dell EMC PowerScale | Access Control | Account lockout threshold |
Dell EMC PowerScale | Access Control | browsable share status |
Dell EMC PowerScale | Access Control | CIFS share user access list |
Dell EMC PowerScale | Access Control | External firewall configuration |
Dell EMC PowerScale | Access Control | Idle session timeout (CLI) |
Dell EMC PowerScale | Access Control | Idle session timeout (SSH) |
Dell EMC PowerScale | Access Control | IPMI default password |
Dell EMC PowerScale | Access Control | IPMI IP ACL |
Dell EMC PowerScale | Access Control | IPMI power control |
Dell EMC PowerScale | Access Control | IPMI Serial over LAN |
Dell EMC PowerScale | Access Control | IPMI status |
Dell EMC PowerScale | Access Control | IPMI user list |
Dell EMC PowerScale | Access Control | Login banner status |
Dell EMC PowerScale | Access Control | Minimum account lockout duration |
Dell EMC PowerScale | Access Control | MOTD message |
Dell EMC PowerScale | Access Control | MOTD status |
Dell EMC PowerScale | Access Control | NFS export client access list |
Dell EMC PowerScale | Access Control | Non-default local users |
Dell EMC PowerScale | Access Control | System and data access zone separation |
Dell EMC PowerScale | Access Control | Unknown user UID |
Dell EMC PowerScale | Access Control | Web-based access isolated to a specific management network |
Dell EMC PowerScale | Access Control | Zone Host ACL |
Dell EMC PowerScale | Audit | Approved external syslog servers |
Dell EMC PowerScale | Audit | Approved NTP Servers |
Dell EMC PowerScale | Audit | Approved NTP servers |
Dell EMC PowerScale | Audit | Audit settings |
Dell EMC PowerScale | Audit | Centralized log server |
Dell EMC PowerScale | Audit | Centralized log server redundancy |
Dell EMC PowerScale | Audit | Configuration change auditing |
Dell EMC PowerScale | Audit | Event forwarding to CEE |
Dell EMC PowerScale | Audit | Log retention period |
Dell EMC PowerScale | Audit | NTP authentication |
Dell EMC PowerScale | Audit | NTP server configuration |
Dell EMC PowerScale | Audit | NTP server redundancy |
Dell EMC PowerScale | Audit | Protocol auditing |
Dell EMC PowerScale | Audit | Required external syslog servers |
Dell EMC PowerScale | Audit | Required NTP Servers |
Dell EMC PowerScale | Audit | syslog facility |
Dell EMC PowerScale | Audit | Syslog min severity |
Dell EMC PowerScale | Authentication | Approved Active Directory provider |
Dell EMC PowerScale | Authentication | Approved authentication provider |
Dell EMC PowerScale | Authentication | Approved Kerberos providers |
Dell EMC PowerScale | Authentication | Approved KMIP servers |
Dell EMC PowerScale | Authentication | Approved LDAP Servers |
Dell EMC PowerScale | Authentication | Default passwords |
Dell EMC PowerScale | Authentication | Kerberos authentication status |
Dell EMC PowerScale | Authentication | KMIP status |
Dell EMC PowerScale | Authentication | Maximum password age |
Dell EMC PowerScale | Authentication | Minimum password age |
Dell EMC PowerScale | Authentication | Minimum password length |
Dell EMC PowerScale | Authentication | NDMP password strength |
Dell EMC PowerScale | Authentication | NTLMv2 status |
Dell EMC PowerScale | Authentication | Password complexity |
Dell EMC PowerScale | Authentication | Password history |
Dell EMC PowerScale | Authentication | Password last change |
Dell EMC PowerScale | Authentication | Required Active Directory provider |
Dell EMC PowerScale | Authentication | Required Identity provider (Kerberos) |
Dell EMC PowerScale | Authentication | Required LDAP provider |
Dell EMC PowerScale | Authentication | SNMP community default string |
Dell EMC PowerScale | Authentication | SNMP user authentication |
Dell EMC PowerScale | Authentication | SNMP user authentication algorithm strength |
Dell EMC PowerScale | Authentication | Two-factor authentication |
Dell EMC PowerScale | Authorization | Approved admin user / group |
Dell EMC PowerScale | Authorization | File share user access rights |
Dell EMC PowerScale | Authorization | Guest account is disabled |
Dell EMC PowerScale | Authorization | nobody user status |
Dell EMC PowerScale | Authorization | SNMP user permission |
Dell EMC PowerScale | Backup and Recovery | Configuration backup |
Dell EMC PowerScale | Backup and Recovery | Data/Backup Retention |
Dell EMC PowerScale | Backup and Recovery | Protected recovery copies |
Dell EMC PowerScale | Backup and Recovery | Ransomware defender configuration |
Dell EMC PowerScale | Backup and Recovery | Remote copy |
Dell EMC PowerScale | Backup and Recovery | remote replication configuration |
Dell EMC PowerScale | Backup and Recovery | SmartLock domains |
Dell EMC PowerScale | Backup and Recovery | SmartLock mode |
Dell EMC PowerScale | Backup and Recovery | SmartLock status |
Dell EMC PowerScale | Backup and Recovery | Snapshot access |
Dell EMC PowerScale | Backup and Recovery | Snapshot autodelete |
Dell EMC PowerScale | Backup and Recovery | Snapshot configuration |
Dell EMC PowerScale | Backup and Recovery | WORM Domain default retention |
Dell EMC PowerScale | Backup and Recovery | WORM Domain maximum retention |
Dell EMC PowerScale | Backup and Recovery | WORM Domain minimum retention |
Dell EMC PowerScale | Backup and Recovery | WORM Domain Override retention date |
Dell EMC PowerScale | Backup and Recovery | WORM Domain privileged delete status |
Dell EMC PowerScale | Configuration Management | Approved DNS server |
Dell EMC PowerScale | Configuration Management | Approved PowerScale release |
Dell EMC PowerScale | Configuration Management | DNS server redundancy |
Dell EMC PowerScale | Configuration Management | DNS service status |
Dell EMC PowerScale | Configuration Management | Drive firmware |
Dell EMC PowerScale | Configuration Management | NFS versions enabled |
Dell EMC PowerScale | Configuration Management | Remote support configuration |
Dell EMC PowerScale | Configuration Management | Remote support status |
Dell EMC PowerScale | Configuration Management | Required DNS server |
Dell EMC PowerScale | Configuration Management | Target OneFS version |
Dell EMC PowerScale | Encryption | Central Certificate Authority (CA) status |
Dell EMC PowerScale | Encryption | Certificate issuer |
Dell EMC PowerScale | Encryption | Certificate thumbprint algorithm |
Dell EMC PowerScale | Encryption | Data-at-rest encryption |
Dell EMC PowerScale | Encryption | Default encryption enabled |
Dell EMC PowerScale | Encryption | OCSP configuration |
Dell EMC PowerScale | Encryption | Reject unencrypted access |
Dell EMC PowerScale | Encryption | Replication encryption |
Dell EMC PowerScale | Encryption | SMB Encryption |
Dell EMC PowerScale | Encryption | SMB Security Signatures |
Dell EMC PowerScale | Encryption | SNMP message privacy |
Dell EMC PowerScale | Encryption | SNMP message privacy algorithm strength |
Dell EMC PowerScale | Encryption | SSH MAC strength |
Dell EMC PowerScale | Encryption | SSL certificate status |
Dell EMC PowerScale | Encryption | TLS level check |
Dell EMC PowerScale | Hardening | Cluster join mode |
Dell EMC PowerScale | Hardening | Hardening status |
Dell EMC PowerScale | Hardening | root user status |
Dell EMC PowerScale | Malware Protection | Antivirus server configuration |
Dell EMC PowerScale | Malware Protection | Antivirus server redundancy |
Dell EMC PowerScale | Malware Protection | Approved Antivirus (ICAP) server |
Dell EMC PowerScale | Malware Protection | CEE forwarding to external file policy server |
Dell EMC PowerScale | Malware Protection | Ransomware file filtering |
Dell EMC PowerScale | Malware Protection | Required Antivirus server |
Dell EMC PowerScale | Monitoring | Email notifications |
Dell EMC PowerScale | Monitoring | SNMP monitoring |
Dell EMC PowerScale | Monitoring | Telemetry status |
Dell EMC PowerScale | Services and Protocols | FTP service status |
Dell EMC PowerScale | Services and Protocols | HDFS access |
Dell EMC PowerScale | Services and Protocols | HTTP access |
Dell EMC PowerScale | Services and Protocols | NDMP status |
Dell EMC PowerScale | Services and Protocols | NFS access |
Dell EMC PowerScale | Services and Protocols | S3 service status |
Dell EMC PowerScale | Services and Protocols | SMB access |
Dell EMC PowerScale | Services and Protocols | SMBv1 status |
Dell EMC PowerScale | Services and Protocols | SMBv2 status |
Dell EMC PowerScale | Services and Protocols | SNMP agent Status |
Dell EMC PowerScale | Services and Protocols | SNMP status |
Dell EMC PowerScale | Services and Protocols | SNMPv1 / SNMPv2 status |
Dell EMC PowerScale | Services and Protocols | Support NetBIOS |
Dell EMC PowerScale | Services and Protocols | Swift access |
Dell EMC PowerScale | Services and Protocols | SyncIQ status |
Dell EMC PowerScale | Services and Protocols | Telnet access |
... and more. |
NOTE: Security baseline checks should be performed also against additional components such as DataIQ, InsightIQ, iDRAC, Superna and other related components.
Interested to learn about StorageGuard secure configuration checks for Storage and Backup systems? |
Comments
0 comments
Please sign in to leave a comment.