IBM Spectrum Virtualize, IBM FlashSystem, and IBM SAN Volume Controller Security Feature Checklist

Front Cover
IBM Redbooks, Mar 16, 2022 - Computers - 16 pages

IBM Spectrum® Virtualize based storage systems are secure storage platforms that implement various security-related features, in terms of system-level access controls and data-level security features.

This document outlines the available security features and options of IBM Spectrum Virtualize based storage systems. It is not intended as a “how to” or best practice document. Instead, it is a checklist of features that can be reviewed by a user security team to aid in the definition of a policy to be followed when implementing IBM FlashSystem®, IBM SAN Volume Controller, and IBM Spectrum Virtualize for Public Cloud.

The topics that are discussed in this paper can be broadly split into two categories:

  • System security
    This type of security encompasses the first three lines of defense that prevent unauthorized access to the system, protect the logical configuration of the storage system, and restrict what actions users can perform. It also ensures visibility and reporting of system level events that can be used by a Security Information and Event Management (SIEM) solution, such as IBM QRadar®.
  • Data security
    This type of security encompasses the fourth line of defense. It protects the data that is stored on the system against theft, loss, or attack. These data security features include, but are not limited to, encryption of data at rest (EDAR) or IBM Safeguarded Copy (SGC).

This document is correct as of IBM Spectrum Virtualize version 8.5.0.

 

Selected pages

Contents

Common terms and phrases

algorithms audit log Changing user groups chsecurity collect personally identifiable cookies corrupted maliciously data at rest defined disable this interface Documentation web pages ECDSA enable encryption keys file systems FlashCopy following IBM Documentation IBM Documentation web IBM FlashSystem IBM SAN Volume IBM Spectrum Virtualize IBM’s implement installed International Business Machines IP address iSCSI key management LDAP line of defense Linux lock login interface Microsoft Minimum number monitor multifactor authentication Network Time Protocol non-IBM products NVMe drives OBAC Object-Based Access Control OpenID ownership groups password reset feature per-user group basis personally identifiable information port sets Remote users Representational State Transfer REST API REST interfaces restrict Role-based access control Safeguarded copy SAN Volume Controller Secure Shell Secure sockets Security Administrator role security features session timeout setpwdreset single sign-on Software Offering Spectrum Virtualize software superuser account superuser is exempt system certificate system supports system-wide USB flash drives user account VMware

Bibliographic information

TitleIBM Spectrum Virtualize, IBM FlashSystem, and IBM SAN Volume Controller Security Feature Checklist
AuthorsBill Scales, Barry Whyte, James Whitaker, IBM Redbooks
PublisherIBM Redbooks, 2022
ISBN0738460435, 9780738460437
Length16 pages
Subjects ›  › 

Computers / System Administration / Storage & Retrieval
  
Export CitationBiBTeX EndNote RefMan