Welcome to the last part of the “Self-Managing Storage” blog series. In this post, we look at how Active IQ Unified Manager simplifies security management through lifecycle management.
Security Lifecycle Management
If you ask your storage IT admins what keeps them up at night, 9 out of 10 will most likely say the security of their storage and the data on it. The security of storage systems is of great importance to IT admins and storage administrators. Active IQ Unified Manager has been focusing on bringing in Security Lifecycle Management to harden NetApp systems and verify that they adhere to the NetApp security best practices.
In Active IQ Unified Manager 9.8, we have enhanced the preventive management of the security lifecycle. (The proactive and reactive management of the security lifecycle will be supported in future releases.)
Figure 1: Security Lifecycle Management
Preventive Management Remediations
For the Active IQ Unified Manager 9.8 release, we built upon the infrastructure first introduced in 9.7 to add more preventive management actions. These actions include:
Checking for proper NTP servers
Verifying proper cluster logging
Checking that proper security login banners are set at the cluster level and storage VM level
Securing cluster access using the correct ciphers
Active IQ Unified Manager 9.8 gives you the option to remediate these security issues using a simple “Fix It” button on the Management Actions card on the dashboard.
Below are examples of each new Security Lifecycle action and its solution.
Audit Log Disable Events
This event is generated when the audit log is not enabled for the storage VM. Active IQ Unified Manager provides a remediation by enabling audit logging for the storage VM in a single click. Note that the storage VM must already have either a local or remote audit log location configured.
Figure 2: Audit Log Example
Login Banner Disabled Event
This event is generated when the login banner, which makes access restrictions clear, is not enabled and set for the cluster and the SVM. Active IQ Unified Manager provides remediation by setting the login banner to “Access Restricted to authorized users” on the cluster and storage VM.
Figure 3: Login Banner for Storage VM example
Figure 4: Login Banner for Cluster example
SSH Using Insecure Ciphers Event
This event is generated when ciphers with the suffix “-cbc”, which are considered insecure, are in use. Active IQ Unified Manager provides remediation by removing insecure ciphers from the cluster and storage VM.
Figure 5: Insecure Ciphers for Cluster example
Figure 6: Insecure Ciphers for Storage VM example
AutoSupport HTTPS transport disabled event
This event is generated when the transport protocol used to send AutoSupport messages to NetApp’s technical support is not encrypted. Active IQ Unified Manager provides remediation by setting the transport protocol for AutoSupport messages on the cluster to HTTPS.
Figure 7: AutoSupport HTTPS example
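The four event conditions described above can be expressed as a small configuration check. This is an added Python example, not NetApp code and not part of the original post; the dictionary field names, event labels, and sample cluster are constructed for illustration and do not reflect an ONTAP or Unified Manager schema.

```python
# Added illustration. Field names and event labels are hypothetical, not an
# ONTAP or Active IQ Unified Manager schema; the sample data is constructed.

def has_cbc(ciphers):
    """True if any cipher name carries the '-cbc' suffix."""
    return any(c.lower().endswith("-cbc") for c in ciphers)

def remediated_ciphers(ciphers):
    """Cipher list with every '-cbc' entry removed, order preserved."""
    return [c for c in ciphers if not c.lower().endswith("-cbc")]

def find_security_events(cluster):
    """Return (scope, event) tuples for the four checks described above."""
    events = []
    scopes = [("cluster", cluster, True)]
    scopes += [(n, s, False) for n, s in cluster.get("storage_vms", {}).items()]
    for scope, cfg, is_cluster in scopes:
        # A login banner must be set on the cluster and on each storage VM.
        if not (cfg.get("login_banner") or "").strip():
            events.append((scope, "login-banner-disabled"))
        if has_cbc(cfg.get("ssh_ciphers", [])):
            events.append((scope, "ssh-insecure-ciphers"))
        if is_cluster:
            # AutoSupport messages must travel over HTTPS.
            if cfg.get("autosupport_transport", "").lower() != "https":
                events.append((scope, "autosupport-https-disabled"))
        elif not cfg.get("audit_log_enabled", False):
            # Audit logging is evaluated per storage VM.
            events.append((scope, "audit-log-disabled"))
    return events

# Constructed sample input: one cluster with two storage VMs.
SAMPLE_CLUSTER = {
    "login_banner": "Access Restricted to authorized users",
    "ssh_ciphers": ["aes256-ctr", "aes128-cbc", "3des-cbc"],
    "autosupport_transport": "smtp",
    "storage_vms": {
        "svm1": {"login_banner": "", "ssh_ciphers": ["aes256-ctr"],
                 "audit_log_enabled": False},
        "svm2": {"login_banner": "Access Restricted to authorized users",
                 "ssh_ciphers": ["aes128-gcm", "aes192-cbc"],
                 "audit_log_enabled": True},
    },
}

if __name__ == "__main__":
    for scope, event in find_security_events(SAMPLE_CLUSTER):
        print(f"{scope}: {event}")
```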
There is More!
We hope that you now have an overall understanding of the Security Lifecycle Management feature that we have introduced in Active IQ Unified Manager 9.8.
Make sure to read the blogs in this blog series for an in-depth understanding of performance, capacity, and security lifecycle management.
Self-Managing Storage: Part 1 – Understanding Active IQ Unified Manager LifeCycle Management