Dell EMC OpenManage Enterprise SupportAssist version 1.1 Security Configuration Guide June 2021 Rev.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2021 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries.
Contents Chapter 1: Preface........................................................................................................................ 4 Legal disclaimers.................................................................................................................................................................. 4 Scope of document.............................................................................................................................................................
1 Preface Topics: • • • • Legal disclaimers Scope of document Audience Related Documentation Legal disclaimers THE INFORMATION IN THIS PUBLICATION IS PROVIDED "AS-IS." DELL MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
2 Deployment models You can download and install OpenManage Enterprise SupportAssist plug-in from dell.com (online) or from an already downloaded package in a network share (offline). You can configure this setting in OpenManage Enterprise (Application Settings > Console and Plugins > Update Settings). For more information about how to configure update settings, see Dell EMC OpenManage Enterprise User's Guide.
3 Product and Subsystem Security Topics: • • • • • • • • • Security controls map Access control Login security settings User and credential management Role and scope-based access control in OpenManage Enterprise Data security Cryptography Auditing and logging Serviceability Security controls map The following figure describes the OpenManage Enterprise SupportAssist security controls map. Access control Access control settings provide protection to the resources against unauthorized access.
Login security settings Failed login behavior For failed login behavior, see the section "Set the login security properties" in Dell OpenManage Enterprise User's Guide. Emergency user lockout For emergency user lockout behavior, see the section "Ending user sessions" in Dell OpenManage Enterprise User's Guide. User and credential management For information about the user and credential management, see Dell EMC OpenManage Enterprise User's Guide.
In OpenManage Enterprise, scope can be assigned while creating a local or importing AD/LDAP user. Scope assignment for OIDC users can be done only on Open ID Connect (OIDC) providers. SBAC for Local users: While creating or editing a local user with DM role, admin can select one or more device groups that defines the scope for the DM. For example, you (as an administrator) create a DM user named dm1 and assign group g1 present under custom groups.
Table 1.
Cryptography OpenManage Enterprise SupportAssist applies cryptography in the following components. ● Access control ● Authentication ● Digital signatures For more information, see Dell EMC OpenManage Enterprise User's Guide Auditing and logging Audit logs lists the actions that were performed on the devices that are monitored by OpenManage Enterprise. Log data help you or Dell EMC Support teams in troubleshooting and analysis. The audit log files can be exported to the CSV file format.
4 Contacting Dell Prerequisites NOTE: If you do not have an active Internet connection, you can find contact information on your purchase invoice, packing slip, bill, or Dell product catalog. About this task Dell provides several online and telephone-based support and service options. Availability varies by country and product, and some services may not be available in your area. To contact Dell for sales, technical support, or customer service issues: Steps 1. Go to Dell.com/support. 2.
5 Accessing support content from the Dell EMC support site Access supporting content related to an array of systems management tools using direct links, going to the Dell EMC support site, or using a search engine. ● Direct links: ○ For Dell EMC Enterprise Systems Management and Dell EMC Remote Enterprise Systems Management—https:// www.dell.com/esmmanuals ○ For Dell EMC Virtualization Solutions—https://www.dell.com/SoftwareManuals ○ For Dell EMC OpenManage—https://www.dell.