Dec 22, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
- Variables updated.
|
Dec 7, 2022 |
Apr 25, 2022 Miscellaneous- Metadata updated.
- References updated.
|
Sep 1, 2021 Functional Update- 2.1 Enable Secure Admin Access - 'ssh.access has been configured'
- 2.1 Enable Secure Admin Access - 'ssh.access is not unlimited'
- 5.2 SnapMirror - 'replication.throttle.enable = on'
- 5.2 SnapMirror - 'replication.throttle.incoming.max_kbs has been configured'
- 5.2 SnapMirror - 'replication.throttle.outgoing.max_kbs has been configured'
- 5.2 SnapMirror - 'snapmirror.access has been configured'
- 5.2 SnapMirror - 'snapmirror.allow file should be reviewed'
- 5.2 SnapMirror - 'snapmirror.log.enable = on'
- 5.3 SnapVault - 'snapvault.access has been configured'
- 5.3 SnapVault - 'snapvault.preservesnap = on'
- 5.3 SnapVault - 'snapvault.snapshot_for_dr_backup has been configured'
- 5.4 CIFS - 'cifs.LMCompatibilityLevel <= 3'
- 5.4 CIFS - 'cifs.audit.account_mgmt_events.enable = on'
- 5.4 CIFS - 'cifs.audit.autosave.file.extension has been configured'
- 5.4 CIFS - 'cifs.audit.autosave.file.limit has been configured'
- 5.4 CIFS - 'cifs.audit.autosave.onsize.enable = on'
- 5.4 CIFS - 'cifs.audit.autosave.onsize.threshold has been configured'
- 5.4 CIFS - 'cifs.audit.autosave.ontime.interval has been configured'
- 5.4 CIFS - 'cifs.audit.enable = on'
- 5.4 CIFS - 'cifs.audit.file_access_events.enable = on'
- 5.4 CIFS - 'cifs.audit.liveview.enable = off'
- 5.4 CIFS - 'cifs.audit.logon_events.enable = on'
- 5.4 CIFS - 'cifs.audit.nfs.enable = on'
- 5.4 CIFS - 'cifs.audit.nfs.filter.filename has been configured'
- 5.4 CIFS - 'cifs.gpo.enable = on'
- 5.4 CIFS - 'cifs.guest_account is not configured'
- 5.4 CIFS - 'cifs.restrict_anonymous = 2'
- 5.4 CIFS - 'cifs.signing.enable = on'
- 5.4 CIFS - 'cifs.smb2.client.enable = on'
- 5.4 CIFS - 'cifs.smb2.durable_handle.enable = on'
- 5.4 CIFS - 'cifs.smb2.durable_handle.timeout'
- 5.4 CIFS - 'cifs.smb2.signing.required = on'
- 5.4 CIFS - 'dns.domainname has been configured'
- 5.4 CIFS - 'dns.enable = on'
- 5.4 CIFS - 'dns.update.enable = on or secure'
- 5.4 CIFS - 'ldap.enable = on'
- 5.4 CIFS - 'ldap.security.level = 1 or 2'
- 5.4 CIFS - 'ldap.ssl.enable = on'
- 5.4 CIFS - 'timed.enable = on'
- 5.4 CIFS - 'timed.proto = ntp'
- 5.4 CIFS - 'timed.servers has been configured'
- 5.4 CIFS - 'timed.window = 5m'
- 5.5 NFS - 'cifs.nfs_root_ignore_acl = on'
- 5.5 NFS - 'cifs.preserve_unix_security = on'
- 5.5 NFS - 'nfs.kerberos.enable = on'
- 5.5 NFS - 'nfs.kerberos.file_keytab.enable = on'
- 5.5 NFS - 'nfs.kerberos.principal has been configured'
- 5.5 NFS - 'nfs.kerberos.realm has been configured'
- 5.5 NFS - 'nfs.rpcsec.ctx.high has been configured'
- 5.5 NFS - 'nfs.rpcsec.ctx.idle has been configured'
- 5.5 NFS - 'nfs.v4.acl.enable = on'
- 5.5 NFS - 'nfs.v4.id.domain has been configured'
- 5.5 NFS - 'nfs.v4.read_delegation = on'
- 5.5 NFS - 'nfs.v4.write_delegation = on'
- 5.5 NFS - 'wafl.default_nt_user has been configured'
- 5.5 NFS - 'wafl.default_security_style has been configured'
- 5.5 NFS - 'wafl.default_unix_user has been configured'
- 5.5 NFS - 'wafl.nt_admin_priv_map_to_root = on'
- 5.5 NFS - 'wafl.wcc_minutes_valid has been configured'
|
Feb 1, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Sep 29, 2020 |
Apr 22, 2020 Miscellaneous- Metadata updated.
- References updated.
|
Jan 29, 2019 Miscellaneous- Metadata updated.
- References updated.
|
Dec 12, 2018 Informational Update- 2.0 Install & Config - 'Disable RIPv1'
- 2.2 Disable/Modify Default Accts - 'SNMP default community strings have been removed'
- 2.2 Disable/Modify Default Accts - 'alternate admin account has been created (root)'
- 2.2 Disable/Modify Default Accts - 'alternate admin account has been created (snmp)'
- 2.2 Disable/Modify Default Accts - 'ndmp/ndmpcopy service account'
- 2.4 Password Security - 'maximum password age <= 90'
- 2.4 Password Security - 'minimum password age >= 1'
- 3.1 Storage System (Hardware) Management - 'Change the root account password after each use'
- 3.1 Storage System (Hardware) Management - 'FW version >= 4.0'
- 3.1 Storage System (Hardware) Management - 'Place the interface on a management VLAN'
- 3.1 Storage System (Hardware) Management - 'Strong Password root account'
- 3.2 Data ONTAP (Software) Mgmt - 'Place e0M on a management VLAN'
- 3.2 Data ONTAP (Software) Mgmt - 'Set SSH login banner'
- 3.2 Data ONTAP (Software) Mgmt - 'Telnet login banner'
- 3.2 Data ONTAP (Software) Mgmt - 'Use e0M as the Data ONTAP management port'
- 3.3 Role-Based Access Control (RBAC) - 'RBAC has been implemented'
- 5.2 SnapMirror - 'replication.throttle.enable = on'
- 5.2 SnapMirror - 'replication.throttle.incoming.max_kbs has been configured'
- 5.2 SnapMirror - 'replication.throttle.outgoing.max_kbs has been configured'
- 5.2 SnapMirror - 'snapmirror.access has been configured'
- 5.2 SnapMirror - 'snapmirror.allow file should be reviewed'
- 5.2 SnapMirror - 'snapmirror.log.enable = on'
- 5.3 SnapVault - 'snapvault.access has been configured'
- 5.3 SnapVault - 'snapvault.preservesnap = on'
- 5.3 SnapVault - 'snapvault.snapshot_for_dr_backup has been configured'
- 5.4 CIFS - 'cifs.LMCompatibilityLevel <= 3'
- 5.4 CIFS - 'cifs.audit.account_mgmt_events.enable = on'
- 5.4 CIFS - 'cifs.audit.autosave.file.extension has been configured'
- 5.4 CIFS - 'cifs.audit.autosave.file.limit has been configured'
- 5.4 CIFS - 'cifs.audit.autosave.onsize.enable = on'
- 5.4 CIFS - 'cifs.audit.autosave.onsize.threshold has been configured'
- 5.4 CIFS - 'cifs.audit.autosave.ontime.interval has been configured'
- 5.4 CIFS - 'cifs.audit.enable = on'
- 5.4 CIFS - 'cifs.audit.file_access_events.enable = on'
- 5.4 CIFS - 'cifs.audit.liveview.enable = off'
- 5.4 CIFS - 'cifs.audit.logon_events.enable = on'
- 5.4 CIFS - 'cifs.audit.nfs.enable = on'
- 5.4 CIFS - 'cifs.audit.nfs.filter.filename has been configured'
- 5.4 CIFS - 'cifs.gpo.enable = on'
- 5.4 CIFS - 'cifs.guest_account is not configured'
- 5.4 CIFS - 'cifs.restrict_anonymous = 2'
- 5.4 CIFS - 'cifs.smb2.client.enable = on'
- 5.4 CIFS - 'cifs.smb2.durable_handle.enable = on'
- 5.4 CIFS - 'cifs.smb2.durable_handle.timeout'
- 5.4 CIFS - 'cifs.smb2.signing.required = on'
- 5.4 CIFS - 'dns.domainname has been configured'
- 5.4 CIFS - 'dns.enable = on'
- 5.4 CIFS - 'dns.update.enable = on or secure'
- 5.4 CIFS - 'ldap.enable = on'
- 5.4 CIFS - 'ldap.security.level = 1 or 2'
- 5.4 CIFS - 'timed.enable = on'
- 5.4 CIFS - 'timed.proto = ntp'
- 5.4 CIFS - 'timed.servers has been configured'
- 5.4 CIFS - 'timed.window = 5m'
- 5.5 NFS - 'cifs.nfs_root_ignore_acl = on'
- 5.5 NFS - 'cifs.preserve_unix_security = on'
- 5.5 NFS - 'nfs.kerberos.enable = on'
- 5.5 NFS - 'nfs.kerberos.file_keytab.enable = on'
- 5.5 NFS - 'nfs.kerberos.principal has been configured'
- 5.5 NFS - 'nfs.kerberos.realm has been configured'
- 5.5 NFS - 'nfs.rpcsec.ctx.high has been configured'
- 5.5 NFS - 'nfs.rpcsec.ctx.idle has been configured'
- 5.5 NFS - 'nfs.v4.acl.enable = on'
- 5.5 NFS - 'nfs.v4.id.domain has been configured'
- 5.5 NFS - 'nfs.v4.read_delegation = on'
- 5.5 NFS - 'nfs.v4.write_delegation = on'
- 5.5 NFS - 'wafl.default_nt_user has been configured'
- 5.5 NFS - 'wafl.default_security_style has been configured'
- 5.5 NFS - 'wafl.default_unix_user has been configured'
- 5.5 NFS - 'wafl.nt_admin_priv_map_to_root = on'
- 5.5 NFS - 'wafl.wcc_minutes_valid has been configured'
Miscellaneous- Metadata updated.
- References updated.
- See also link updated.
|
