Autologout – ‘autologout.console.enable = on’
Details The autologout capability is required by several security standards. In Data ONTAP these requirements can be met by setting...
- Home
- Security Hardening
- TNS NetApp Data ONTAP 7G Best Practices
TNS NetApp Data ONTAP 7G Best Practices
Autologout – ‘autologout.console.timeout <= 5'
Details The autologout capability is required by several security standards. In Data ONTAP these requirements can be met by setting...Disable/Modify Default Accts – ‘alternate admin account has been created (root)’
Details The root account needs to be disabled in order to meet many, if not all, of the GRC standards....Disable/Modify Default Accts – ‘alternate admin account has been created (snmp)’
Details Data ONTAP 7G supports SNMP versions 1c, 2, and 3 (AuthNoPriv). There are many attacks that can be run...Disable/Modify Default Accts – ‘ndmp/ndmpcopy service account’
Details The NDMP function and the ndmpcopy function, by default, use the root account as well as pass the password...Disable/Modify Default Accts – ‘security.passwd.rootaccess.enable = off’
Details The root account needs to be disabled in order to meet many, if not all, of the GRC standards....Disable/Modify Default Accts – ‘SNMP default community strings have been removed’
Details Data ONTAP 7G supports SNMP versions 1c, 2, and 3 (AuthNoPriv). There are many attacks that can be run...Disable Unnecessary Services – ‘rsh.access != legacy’
Details By default, telnet, RIPv1, rsh, and webdav are enabled. If these services are not required in your infrastructure, NetApp...Disable Unnecessary Services – ‘telnet.access != legacy’
Details By default, telnet, RIPv1, rsh, and webdav are enabled. If these services are not required in your infrastructure, NetApp...Enable Secure Admin Access – ‘ssh.passwd_auth.enable = on’
Details NetApp recommends that you configure and enable SecureAdmin immediately after initially setting up Data ONTAP. Best practice suggesting enabling...