Dell 745N manual Additional Security Recommendations, Maximum Security Recommendations

Page 88

Apple Environments

If you are using your NAS system in an Apple environment, install the Microsoft® User Authentication Module (UAM) on the NAS system. If AppleTalk is not installed on the NAS system, client access is not encrypted. See "Services for Macintosh" for more information.

Secure Socket Layer (SSL) Certificates

SSL certificates enable Web servers and users to authenticate each other before establishing a connection to create more secure communications. See "Using Secure Sockets Layer" for information.

Microsoft Baseline Security Analyzer

Use the Microsoft Baseline Security Analyzer (MBSA) to search for any security vulnerabilities. MSSA scans Windows-based servers for common security misconfigurations. The tool scans the operating system and other installed components such as Internet Information Services (IIS). MBSA also checks systems for missing security patches, and recommends critical security patches and fixes.

Additional Security Recommendations

In addition to the practices mentioned in "Standard Security Recommendations," Dell recommends the following practices to ensure security:

Format all volumes as NTFS.

Disable automatic log on.

Disable the guest account.

Do not install IIS sample applications.

Disable parent paths.

Move the MSADC and Scripts virtual directories from the default website to another location.

Ensure that you place appropriate restrictions on any Anonymous Logon groups. To allow UNIX® users who do not have Windows user accounts to access resources on a system running Windows, you must explicitly add the Anonymous Logon group to the Everyone group and assign the Anonymous Group appropriate permissions. For more information, see "Server for Network File System (NFS)."

Maximum Security Recommendations

This section provides information about practices recommended for maximum security on your NAS system.

Allow no more than two administrators on the NAS system.

Do not allow passwords that have no expiration date.

Enable Logon Success and Logon Failure auditing.

Disable unnecessary services.

Disabling unnecessary services also increases performance.

Remove the IISADMPWD virtual directory.

Enable application logging options for all Web and FTP sites.

Ensure that Internet Explorer zones have secure settings for all users.

Use the NAS system only for shares and services that are actively used.

Disable http sharing if http shares are not used.

Disabling HTTP Shares

Page 87 Page 89
Image 88
Page 87 Page 89
Contents Dell PowerVault 745N NAS Systems Administrators Guide Recovering and Restoring the System Software-RAID Recovery and Restoration ProceduresTroubleshooting Software-RAID NAS Systems Does the power LED show that the NAS system is turned on?Software-RAID NAS System Hard-Drive Recovery Procedures Software-RAID NAS System Hard-Drive FailuresSoftware-RAID NAS System Software Failures Replacing Software-RAID NAS System Hard DrivesHardware-RAID Recovery and Restoration Procedures Recovering From a Software-RAID Operating System FailureHardware-RAID NAS System Hard-Drive Recovery Procedures Troubleshooting Hardware-RAID NAS SystemsHardware-RAID NAS System Hard-Drive Failures Hardware-RAID NAS System Software Failures Replacing Hardware-RAID NAS System Hard DrivesReplacing One Hardware-RAID NAS System Hard Drive Replacing Two or More Hardware-RAID NAS System Hard DrivesRecovering From a Hardware-RAID Operating System Failure Recreating a Hardware-RAID NAS System Data VolumeWhen the Array Properties Menu appears, select RAID Click Maintenance, and then click Remote DesktopTroubleshooting External Storage Configuration NAS Systems External Storage NAS System Hard-Drive Recovery Procedures Recovering From an Operating System FailureAre the LEDs for all hard drives in the NAS system lit? Reinstalling the Operating System Recreating an External Storage NAS System Data VolumeReplacing External Storage Hard Drives RequirementsReinstalling the Operating System on Your NAS System Click Begin SetupClick on Dell PowerVault USB Key Preparation Tool Preparing the USB KeySelect Configure→ Clear Configuration Restoring System-State Data After Reinstallation Click MaintenanceClick Import File Click AdvancedRestoring Initial System Setup Click Start RestoreTroubleshooting Tools and TechniquesTroubleshooting General TroubleshootingIssue Possible Cause Resolution Sites Properties windowNAS Manager Viewed in My Network PlacesServer for NFS Macintosh and AppleTalkAdapter Binding in Advanced Features Hardware-RAID NAS System Internal RAID Controller CardInitial Configuration Configuring Your NAS System for the First TimeConfiguring Your System Using a Keyboard, Monitor, and Mouse Other Documents You May Need Other DocumentsDetermining a NAS Systems Configuration NAS ManagerDefault Administrator User Name and Password Logging Into the NAS ManagerBasic Navigation Logging Into the NAS Manager on the NetworkHow to Find Online Help Click Maintenance Click LanguageChanging the NAS Manager Language Primary MenuConfiguring Network Properties Default System NameConfiguring the Network Address for the NAS System Naming the NAS SystemChanging the Administrator Password Click IP, and select Use the following IP settingsClick Network and click Administrator Creating Local Users and GroupsCreating a Local Group Using SharesAdding a Share Removing a Share Modifying Share PropertiesClick Properties Disk Quotas Removing a Protocol From the SharePublishing a Share in DFS Click Publish in DFSEnabling, Disabling, or Setting Disk Quotas on a Volume Adding Disk Quota EntriesModifying Quota Properties Click Set Quota EntriesUsing Logs Disabling Disk Quotas on a VolumeRemoving User Quota Entries Viewing Log Entry DetailsModifying Log Properties Downloading Log FilesViewing Downloaded Log Files File Download dialog window, select Save this file to diskShutting Down the NAS System Managing Disks and VolumesClearing Log Files Shadow Copies Configuring Volume SettingsIntroduction to Shadow Copies Using Shadow Copies Scheduling Shadow CopiesAccessing Shadow Copies Editing a Shadow Copy ScheduleDefragmenting a Volume Containing Shadow Copies Disk and Volume Management Drive ConfigurationsManaging Your Disks and Volumes Software-RAID NAS System Drive ConfigurationHardware-RAID NAS System Drive Configuration Software RAID Default Hard-Drive PartitionsFront-Panel RAID Volume LED Codes Hardware RAID Default Hard-Drive PartitionsHard Drive Condition LED Status Indicator Pattern External Storage NAS System Drive ConfigurationFront Panel Hard-Drive LED Codes Using Array Manager to Manage Disk Arrays Launching Array Manager From the NAS ManagerArray Manager Console Managing Disk ArraysReconfiguring and Managing Virtual Disks Reconfiguring a Virtual DiskClick Reconfigure Creating Virtual DisksUsing Change Policy Using Check ConsistencyProperties Click Check ConsistencyDisk Commands Assign Global Hot Spare Unassign Global Hot SparePrepare to Remove Click Assign Global Hot SpareGeneral Controller Commands Enclosure Management Managing Volumes Using Disk Management Enclosure CommandsDisk Management Monitoring Disk ReliabilityAccessing the Disk Management Tool Initializing a DiskUpgrading a Basic Disk to a Dynamic Disk Reactivating Dynamic DisksVolume Overview Checking Partition or Volume PropertiesFormatting a Partition or Volume Merging Foreign DisksDeleting a Partition or Volume Working With Dynamic VolumesCreating a Dynamic Volume Extending a Dynamic Simple or Spanned VolumeOn Disk Device Properties, click the Policies tab Integrated Features Dell OpenManage Server AdministratorSystems Management Accessing Server Administrator Using Remote Access ControllersAdditional Information About Server Administrator Accessing a RAC From the NAS Manager Reinstalling the RAC SoftwareAdditional Information About RACs Click Remote ConnectAlert Log Messages From Server Administrator Configuring Snmp PropertiesConfiguring Snmp Community Properties Configuring Snmp Agent PropertiesBack to Contents Backing Up the System System-State BackupBacking Up System-State Data Backing Up Data Volumes Windows Backup and Restore ToolsThird-Party Backup Software Using Third-Party Backup Software for Network BackupsVeritas Backup Exec Yosemite TapeWareClick Update Driver Page Configuring Systems in a Heterogeneous Environment Server for Network File System NFSNFS Write Cache User Name MappingConfiguring User and Group Mappings Simple MapsClick Sharing Protocols Click User and Group MappingsManaging NFS Share Access Explicit User MapsClick Shares, and click Sharing Protocols Click Client GroupsBasic Scenarios Filename Character TranslationWorkgroup DomainEnabling the AppleTalk Protocol Services for MacintoshDisabling the AppleTalk Protocol Configuring the AppleTalk Protocol Microsoft UAM VolumeAdapter Bindings AppleTalk Protocol Adapter BindingRestarting Workstation Services Installing User AuthenticationServices for the Novell NetWare Operating System Sharing Netware VolumesConfiguring the NWLink IPX/SPX Compatible Protocol Viewing Netware System PropertiesConfiguring the IPX Protocol Microsoft Directory Synchronization ServicesClose the Network and Dial-Up Connections window Outline of the Msdss Deployment Procedure Windows Server 2003 Msdss Domain ControllerSmall Environment Click MigrationOn the Migrate tab, click Migrate Medium-Sized or Large Environment Page Using the NAS Utilities Advanced FeaturesInstalling Multilanguage User Interface MUI Support Applying the MUI Language Network Adapter TeamingControl Panel, double-clickRegional and Language Options Switch Fault Tolerance Adapter Fault ToleranceAdaptive Load Balancing Receive Load BalancingRemoving Intel PROSet II Network Teams Removing an Intel PROSet II Adapter From a Network TeamChanging the Intel PROSet II Network Team Mode AuthenticationAdministration Telnet ServerUsing Remote Desktop to Enable FTP Write Privileges Using Secure Sockets LayerUsing Remote Desktop to Delete FTP Shares PowerVault 745N Certificate Using a Custom CertificateIntroduction to SSL Certificates Server CertificatesAdministration Properties window, click Directory Security Using DFSCreating a Standalone DFS Root Creating a Domain-Integrated DFS Root Creating Shares in DFSBack to Contents Security Recommendations Standard Security RecommendationsAdditional Security Recommendations Maximum Security RecommendationsClick Security Click Disable Web Sharing On the Shares page, click Sharing Protocols
Related manuals
Manual 128 pages 54.7 Kb
Top Page Image Contents