Manualshelf

HP StorageWorks P9000 Command View Advanced Edition Suite Software 7.1.1 Administrator Guide (web) (TB581-96065, September 2011)

ManualsBrandsHP ManualsSoftwareHP XP Array Manager Enterprise Media Kit
21222324252627282930
WARNING!
P9500, XP24000/XP20000, XP12000/XP10000/SVS200 and XP1024/XP128 have a public LAN
and a private LAN. Device Manager uses the public LAN to communicate with the SVP about the
array and configuration changes.
Do not
under any circumstances attach the private LAN to an
external network because this can cause serious problems on the array.
Common security risks
System administrators frequently separate production LANs from management LANs. In such cases,
management LANs act as a separate network, which isolates management traffic from a production
network and reduces the risk of security-related threats. If a management controller such as the SVP
exists on a production LAN, the storage systems are left open for access by any entity on the IP
network. Whether the access is intentional or not, the resulting security risks can lead to DoS (Denial
of Service) attacks and actual loss of storage availability. DoS attacks may lead to a management
session being hijacked for malicious purposes, such as unbinding a storage extent from a port during
an I/O operation.
The following are guidelines for constructing management LANs:
Traffic from the production LAN should not flow through, or be routed to the management LAN.
If possible, all hosts with management interfaces or controllers on the management LAN should
be hardened to their maximum level to reduce the potential that software other than the management
interface will not lead to an exploit of the entire station or device. (In this case, hardening should
include removal of unnecessary software, shutting down nonessential services, and updating to
the latest patches.)
The management LAN should only intersect a production LAN on those computers acting as an
interface between the management LAN and the production LAN (for example, the Device Manager
server).
If possible, those computers intersecting both private LAN and management LAN should be behind
a firewall of some kind, further inhibiting unintended access.
Level 1 security: Setting up a firewall and creating a separate management LAN
In this case, the computer hosting Device Manager server must either be dual-homed or have two
NICs, and every other management application must be of a similar configuration. The first NIC for
each computer is attached to a LAN dedicated to manage traffic between the management computer
and managed storage systems. A second NIC is attached to a LAN where access is governed by a
firewall. As shown in Figure 2, each application server could also be connected to a different LAN
that has a different firewall. The firewall contains strict access rules that allow the management servers
to be accessed only by Device Manager clients or by specified management application clients.
This configuration is the most secure but is the least flexible implementation, as it requires overhead
to manage all of the various network components, servers, and devices under management. Adding
further security to this configuration requires that the underlying management application OS be
hardened to the maximum possible limit. This might include disabling services such as Telnet, FTP,
SMTP, or IIS. Additionally, if possible all unnecessary packages should be removed.
System configuration and requirements26