Installation manual
SECURITY
This section discusses access rights and protection mechanisms in the Dell/EMC CX Series.
Storage systems
All Dell/EMC CX Series should be in a secure room. The only “back door” access to the Dell/EMC
CX Series requires physical access to the serial port.
Enable security on each installed Dell/EMC CX Series. This establishes the username-password
access to the user interface (UI).
Management
The Dell/EMC CX Series provides secure management by password protection, layered access
rights, and SSL encryption of all management-related communications. For example, to access
the storage system the user must type a username and password. Both of these will be encrypted
prior to passing the access data over the IP connection.
Domains
Each Dell/EMC CX Series must be in a storage domain.
Access levels
There are multiple access levels for users in Navisphere.
• Administrator–All manager privileges. The administrator is allowed to add and
delete users and set privileges.
• Manager–The manager is allowed to change any setting in the Navisphere UI or CLI
except user-related settings.
• Monitor–The monitor can see the Dell/EMC CX Series in the domain but cannot
change any attribute.
Only one or two people should have administrator privileges. Production support staff should
have manager privileges. All others should have either monitor privilege or be undefined.
Audit logging
Navisphere has enhanced logging and auditing capabilities; the log entries are sent to the
Navisphere Management Server event log.
Password control
Passwords can be any alpha/numeric symbol. They are case sensitive. EMC has no preference
for password naming. Passwords should be changed at regular intervals and after termination of
a privileged user.
Access lost or forgotten passwords
If passwords for all privileged users are lost, the only way to access the storage system is via the
SP’s serial port.
Dell/EMC CX Series Initial Configuration
Best Practices Planning 24