Administrator Guide

ManualsBrandsDell ManualsCompellent (SCStorage SCv2000

511

512

513

514

515

516

517

518

519

520

Related link

Connect to the FluidFS Cluster CLI Through SSH Using a Password

Managing Secured Management

By default, all FluidFS cluster management ports are open on all subnets, along with the other ports needed for client access (SMB/

NFS), replication, and NDMP. Secured management, when enabled, exclusively limits all management trac to one specic subnet.

The subnet on which secured management is enabled also has the necessary ports open for client access, replication, FTP, and

NDMP trac. Other subnets will not have any of the management ports listening on them, making them available only for client

access, replication, and NDMP trac. This setup prevents users on client (data) access subnets from accessing any

FluidFS cluster

management functions.

In FluidFS, the management ports listed in the following table do not participate in SMB/NFS communication, but are exposed on

the client network by default. Enabling secured management allows you to expose the management ports on a management subnet

only.

Service Port

Web Services 80

Secure Web Services 443

FTP 44421

FTP (Passive) 44430–44439

SSH 22

Storage Manager communication 35451

Secured management can be enabled only after the system is deployed. To make a subnet secure:

• It must exist prior to enabling the secured management feature.

• It can reside on the client network (subnet-level isolation of management trac) or the LOM (Lights Out Management) Ethernet

port (physical isolation of management trac). The LOM Ethernet port is located on the lower-right side of the back panel of a

NAS controller.

• You must log in from this subnet.

Add a Secured Management Subnet

The subnet on which you enable secured management must exist prior to enabling the secured management feature.

1. Click the Storage view and select a FluidFS cluster.

2. Click the File System tab.

3. In the File System panel, expand Environment, select Network, and then click the Management Network tab.

4. Click Create Management Subnet. The Congure Client Network dialog box appears.

5. From the Interface drop-down menu, select the interface on which the secured management subnet is located.

• Select Admin to use the LOM Ethernet port for physical isolation of management trac. You must also connect a network

cable to the LOM Ethernet port.

• Select Client for subnet-level isolation of management trac.

6. Add one or more management VIPs through which the administrator manages the FluidFS cluster.

a. In the Virtual IP Addresses area, click Add. The Add Client IP Address dialog box appears.

b. In the IP Address eld, type a management Virtual IP address.

c. Click OK.

7. Add an IP address for each NAS controller. Repeat the following steps for each NAS controller.

a. Select a NAS controller and click Edit Settings. The Edit Controller IP Address dialog box appears.

b. In the IP Address eld, type an IP address for the NAS controller.

c. Click OK.

FluidFS System Management for FS Series Appliances

513