RE: Hardening Tap7G servers

["Mike MacNeill" <mmacneil () crosscountry com>]

Data OnTap is the OS that runs on Network Appliance Filers.  There are quite a few methods you can do to restrict 
access but it also depends on the storage protocols that you want to run.  They can use NFS, CIFS, FCP and iSCSI as 
well as a few others.   

What exactly do you want to harden on the box?  The admin console can be restricted to interfaces on a secure network 
and you can enable SSL and SSH.  All of the data either lives on the WAFL filesystems and if you use FCP or iSCSI, the 
LUNS appear as a single file which you can't copy or delete via CIFS or NFS access which can be restricted to 
interfaces as well as users.

http://now.netapp.com (requires registration) offers a ton of information on the underlying OS and filesystem.


Mike



-----Original Message-----
From: pranav.lal () gmail com [mailto:pranav.lal () gmail com]
Sent: Thu 9/8/2005 12:27 AM
To: security-basics () securityfocus com
Subject: Re: Hardening Tap7G servers
 
Hi all,

My bad. The name of the servers should be 
"data ontap 7g"

Any one know how to harden them?

Pranav