This page provides a list of recommended secure configuration checks for Dell EMC PowerScale, and is periodically updated.
Dell EMC PowerScale is an enterprise network-attached storage (NAS) platforms for high-volume storage, backup and archiving of unstructured data.
| System | Category | Configuration check |
| Dell EMC PowerScale | Access Control | /ifs root share status |
| Dell EMC PowerScale | Access Control | Access Based Enumeration |
| Dell EMC PowerScale | Access Control | Account lockout threshold |
| Dell EMC PowerScale | Access Control | browsable share status |
| Dell EMC PowerScale | Access Control | CIFS share user access list |
| Dell EMC PowerScale | Access Control | External firewall configuration |
| Dell EMC PowerScale | Access Control | Idle session timeout (CLI) |
| Dell EMC PowerScale | Access Control | Idle session timeout (SSH) |
| Dell EMC PowerScale | Access Control | IPMI default password |
| Dell EMC PowerScale | Access Control | IPMI IP ACL |
| Dell EMC PowerScale | Access Control | IPMI power control |
| Dell EMC PowerScale | Access Control | IPMI Serial over LAN |
| Dell EMC PowerScale | Access Control | IPMI status |
| Dell EMC PowerScale | Access Control | IPMI user list |
| Dell EMC PowerScale | Access Control | Login banner status |
| Dell EMC PowerScale | Access Control | Minimum account lockout duration |
| Dell EMC PowerScale | Access Control | MOTD message |
| Dell EMC PowerScale | Access Control | MOTD status |
| Dell EMC PowerScale | Access Control | NFS export client access list |
| Dell EMC PowerScale | Access Control | Non-default local users |
| Dell EMC PowerScale | Access Control | System and data access zone separation |
| Dell EMC PowerScale | Access Control | Unknown user UID |
| Dell EMC PowerScale | Access Control | Web-based access isolated to a specific management network |
| Dell EMC PowerScale | Access Control | Zone Host ACL |
| Dell EMC PowerScale | Audit | Approved external syslog servers |
| Dell EMC PowerScale | Audit | Approved NTP Servers |
| Dell EMC PowerScale | Audit | Approved NTP servers |
| Dell EMC PowerScale | Audit | Audit settings |
| Dell EMC PowerScale | Audit | Centralized log server |
| Dell EMC PowerScale | Audit | Centralized log server redundancy |
| Dell EMC PowerScale | Audit | Configuration change auditing |
| Dell EMC PowerScale | Audit | Event forwarding to CEE |
| Dell EMC PowerScale | Audit | Log retention period |
| Dell EMC PowerScale | Audit | NTP authentication |
| Dell EMC PowerScale | Audit | NTP server configuration |
| Dell EMC PowerScale | Audit | NTP server redundancy |
| Dell EMC PowerScale | Audit | Protocol auditing |
| Dell EMC PowerScale | Audit | Required external syslog servers |
| Dell EMC PowerScale | Audit | Required NTP Servers |
| Dell EMC PowerScale | Audit | syslog facility |
| Dell EMC PowerScale | Audit | Syslog min severity |
| Dell EMC PowerScale | Authentication | Approved Active Directory provider |
| Dell EMC PowerScale | Authentication | Approved authentication provider |
| Dell EMC PowerScale | Authentication | Approved Kerberos providers |
| Dell EMC PowerScale | Authentication | Approved KMIP servers |
| Dell EMC PowerScale | Authentication | Approved LDAP Servers |
| Dell EMC PowerScale | Authentication | Default passwords |
| Dell EMC PowerScale | Authentication | Kerberos authentication status |
| Dell EMC PowerScale | Authentication | KMIP status |
| Dell EMC PowerScale | Authentication | Maximum password age |
| Dell EMC PowerScale | Authentication | Minimum password age |
| Dell EMC PowerScale | Authentication | Minimum password length |
| Dell EMC PowerScale | Authentication | NDMP password strength |
| Dell EMC PowerScale | Authentication | NTLMv2 status |
| Dell EMC PowerScale | Authentication | Password complexity |
| Dell EMC PowerScale | Authentication | Password history |
| Dell EMC PowerScale | Authentication | Password last change |
| Dell EMC PowerScale | Authentication | Required Active Directory provider |
| Dell EMC PowerScale | Authentication | Required Identity provider (Kerberos) |
| Dell EMC PowerScale | Authentication | Required LDAP provider |
| Dell EMC PowerScale | Authentication | SNMP community default string |
| Dell EMC PowerScale | Authentication | SNMP user authentication |
| Dell EMC PowerScale | Authentication | SNMP user authentication algorithm strength |
| Dell EMC PowerScale | Authentication | Two-factor authentication |
| Dell EMC PowerScale | Authorization | Approved admin user / group |
| Dell EMC PowerScale | Authorization | File share user access rights |
| Dell EMC PowerScale | Authorization | Guest account is disabled |
| Dell EMC PowerScale | Authorization | nobody user status |
| Dell EMC PowerScale | Authorization | SNMP user permission |
| Dell EMC PowerScale | Backup and Recovery | Configuration backup |
| Dell EMC PowerScale | Backup and Recovery | Data/Backup Retention |
| Dell EMC PowerScale | Backup and Recovery | Protected recovery copies |
| Dell EMC PowerScale | Backup and Recovery | Ransomware defender configuration |
| Dell EMC PowerScale | Backup and Recovery | Remote copy |
| Dell EMC PowerScale | Backup and Recovery | remote replication configuration |
| Dell EMC PowerScale | Backup and Recovery | SmartLock domains |
| Dell EMC PowerScale | Backup and Recovery | SmartLock mode |
| Dell EMC PowerScale | Backup and Recovery | SmartLock status |
| Dell EMC PowerScale | Backup and Recovery | Snapshot access |
| Dell EMC PowerScale | Backup and Recovery | Snapshot autodelete |
| Dell EMC PowerScale | Backup and Recovery | Snapshot configuration |
| Dell EMC PowerScale | Backup and Recovery | WORM Domain default retention |
| Dell EMC PowerScale | Backup and Recovery | WORM Domain maximum retention |
| Dell EMC PowerScale | Backup and Recovery | WORM Domain minimum retention |
| Dell EMC PowerScale | Backup and Recovery | WORM Domain Override retention date |
| Dell EMC PowerScale | Backup and Recovery | WORM Domain privileged delete status |
| Dell EMC PowerScale | Configuration Management | Approved DNS server |
| Dell EMC PowerScale | Configuration Management | Approved PowerScale release |
| Dell EMC PowerScale | Configuration Management | DNS server redundancy |
| Dell EMC PowerScale | Configuration Management | DNS service status |
| Dell EMC PowerScale | Configuration Management | Drive firmware |
| Dell EMC PowerScale | Configuration Management | NFS versions enabled |
| Dell EMC PowerScale | Configuration Management | Remote support configuration |
| Dell EMC PowerScale | Configuration Management | Remote support status |
| Dell EMC PowerScale | Configuration Management | Required DNS server |
| Dell EMC PowerScale | Configuration Management | Target OneFS version |
| Dell EMC PowerScale | Encryption | Central Certificate Authority (CA) status |
| Dell EMC PowerScale | Encryption | Certificate issuer |
| Dell EMC PowerScale | Encryption | Certificate thumbprint algorithm |
| Dell EMC PowerScale | Encryption | Data-at-rest encryption |
| Dell EMC PowerScale | Encryption | Default encryption enabled |
| Dell EMC PowerScale | Encryption | OCSP configuration |
| Dell EMC PowerScale | Encryption | Reject unencrypted access |
| Dell EMC PowerScale | Encryption | Replication encryption |
| Dell EMC PowerScale | Encryption | SMB Encryption |
| Dell EMC PowerScale | Encryption | SMB Security Signatures |
| Dell EMC PowerScale | Encryption | SNMP message privacy |
| Dell EMC PowerScale | Encryption | SNMP message privacy algorithm strength |
| Dell EMC PowerScale | Encryption | SSH MAC strength |
| Dell EMC PowerScale | Encryption | SSL certificate status |
| Dell EMC PowerScale | Encryption | TLS level check |
| Dell EMC PowerScale | Hardening | Cluster join mode |
| Dell EMC PowerScale | Hardening | Hardening status |
| Dell EMC PowerScale | Hardening | root user status |
| Dell EMC PowerScale | Malware Protection | Antivirus server configuration |
| Dell EMC PowerScale | Malware Protection | Antivirus server redundancy |
| Dell EMC PowerScale | Malware Protection | Approved Antivirus (ICAP) server |
| Dell EMC PowerScale | Malware Protection | CEE forwarding to external file policy server |
| Dell EMC PowerScale | Malware Protection | Ransomware file filtering |
| Dell EMC PowerScale | Malware Protection | Required Antivirus server |
| Dell EMC PowerScale | Monitoring | Email notifications |
| Dell EMC PowerScale | Monitoring | SNMP monitoring |
| Dell EMC PowerScale | Monitoring | Telemetry status |
| Dell EMC PowerScale | Services and Protocols | FTP service status |
| Dell EMC PowerScale | Services and Protocols | HDFS access |
| Dell EMC PowerScale | Services and Protocols | HTTP access |
| Dell EMC PowerScale | Services and Protocols | NDMP status |
| Dell EMC PowerScale | Services and Protocols | NFS access |
| Dell EMC PowerScale | Services and Protocols | S3 service status |
| Dell EMC PowerScale | Services and Protocols | SMB access |
| Dell EMC PowerScale | Services and Protocols | SMBv1 status |
| Dell EMC PowerScale | Services and Protocols | SMBv2 status |
| Dell EMC PowerScale | Services and Protocols | SNMP agent Status |
| Dell EMC PowerScale | Services and Protocols | SNMP status |
| Dell EMC PowerScale | Services and Protocols | SNMPv1 / SNMPv2 status |
| Dell EMC PowerScale | Services and Protocols | Support NetBIOS |
| Dell EMC PowerScale | Services and Protocols | Swift access |
| Dell EMC PowerScale | Services and Protocols | SyncIQ status |
| Dell EMC PowerScale | Services and Protocols | Telnet access |
| ... and more. |
NOTE: Security baseline checks should be performed also against additional components such as DataIQ, InsightIQ, iDRAC, Superna and other related components.
|
Interested to learn about StorageGuard secure configuration checks for Storage and Backup systems? |
Comments
0 comments
Please sign in to leave a comment.