Viewing security status for clusters and Storage VMs

Contributors netapp-manini netapp-rlithman

Active IQ Unified Manager enables you to view the security status of the storage objects in your environment from different points in the interface. You can collect and analyze information and reports based on defined parameters, and detect suspicious behavior or unauthorized system changes on the monitored clusters and storage VMs.

For the security recommendations, see the NetApp Security Hardening Guide for ONTAP 9

View object level security status on Security page

As a system administrator, you can use the Security page to get visibility into the security strength of your ONTAP clusters and storage VMs at the data center and site levels. The supported objects are cluster, storage VMs, and volumes. Follow these steps:

Steps
  1. In the left navigation pane, click Dashboard.

  2. Depending on whether you want to view security status for all monitored clusters or for a single cluster, select All Clusters or select a single cluster from the drop-down menu.

  3. Click the right-arrow in the Security panel. The Security page is displayed.

Clicking the bar charts, counts, and View Reports links takes you to the Volumes, Clusters, or Storage VMs page for you to view the corresponding details or generate reports, as required.

The Security page displays the following panels:

  • Cluster Compliance: the security status (number of clusters that are compliant or not compliant) of all the clusters in a data center

  • Storage VM Compliance: the security status (number of storage VMs that are compliant or not compliant) for all the storage VMs in your data center

  • Volume Encryption: the volume encryption status (number of volumes that are encrypted or not encrypted) of all the volumes in your environment

  • Volume Anti-ransomware Status: the security status (number of volumes with anti-ransomware enabled or disabled) of all the volumes in your environment

  • Cluster Authentication and Certificates: the number of clusters using each type of authentication method, such as SAML, Active Directory, or through certificates and local authentication. The panel also displays the number of clusters whose certificates have either expired or are about to expire in 60 days.

View security details of all clusters on the Clusters page

The Clusters / Security details page enables you to view the security compliance status at a cluster level.

Steps
  1. In the left navigation pane, click Storage > Clusters.

  2. Select View > Security > All Clusters.

Default security parameters, such as Global FIPS, Telnet, insecure SSH settings, login banner, network time protocol, AutoSupport HTTPS Transport, and the status of cluster certificate expiration are displayed.

You can click the kabob icon more options button and choose to view the security details on the Security page of Unified Manager or on System Manager. You should have valid credentials for viewing the details on System Manager.

Note If a cluster has an expired certificate, you can click expired under Cluster Certificate Validity, and renew it from System Manager (9.10.1 and later). You cannot click expired if the System Manager instance is of a release earlier than 9.10.1.

View security details of all clusters from the storage VMs page

The Storage VMs / Security details page enables you to view the security compliance status at a storage VM level.

Steps
  1. In the left navigation pane, click Storage > Storage VMs.

  2. Select View > Security > All Storage VMs. A list of clusters with the security parameters is displayed.

You can have a default view of the storage VMs' security compliance by checking the security parameters, such as storage VMs, cluster, login banner, audit log, and insecure SSH settings.

You can click the kabob icon more options button and choose to view the security details on the Security page of Unified Manager or on System Manager. You should have valid credentials for viewing the details on System Manager.

For anti-ransomware security details for volumes and storage VMs, see Viewing the anti-ransomware status of all volumes and Storage VMs.