Skip to main content
How to enable StorageGRID in your environment

Secure StorageGRID data and metadata in an object store

Contributors

Discover the integral security features of the StorageGRID object storage solution.

This is an overview of the many security features in NetApp® StorageGRID®, covering data access, objects and metadata, administrative access, and platform security. It has been updated to include the newest features released with StorageGRID 11.8.

Security is an integral part of the NetApp StorageGRID object storage solution. Security is particularly important because many types of rich content data that are well suited for object storage are also sensitive in nature and subject to regulations and compliance. As StorageGRID capabilities continue to evolve, the software makes available many security features that are invaluable for protecting an organization’s security posture and helping the organization adhere to industry best practices.

This paper is an overview of the many security features in StorageGRID 11.8, divided into five categories:

  • Data access security features

  • Object and metadata security features

  • Administration security features

  • Platform security features

  • Cloud integration

This paper is intended to be a security datasheet—it does not detail how to configure the system to support the security features enumerated within that are not configured by default. The StorageGRID Hardening Guide is available on the official StorageGRID Documentation page.

In addition to the capabilities described in this report, StorageGRID follows the NetApp Product Security Vulnerability Response and Notification Policy. Reported vulnerabilities are verified and responded to according to the product security incident response process.

NetApp StorageGRID provides advanced security features for highly demanding enterprise object storage use cases.

Where to find additional information

To learn more about the information that is described in this document, review the following documents and/or websites:

Terms and acronyms

This section provides definitions for the terminology used in the document.

Term or acronym Definition

S3

Simple Storage Service.

Client

An application that can interface with StorageGRID either through the S3 protocol for data access or HTTP protocol for management.

Tenant admin

The administrator of the StorageGRID tenant account

Tenant user

A user within a StorageGRID tenant account

TLS

Transport Layer Security

ILM

Information Lifecycle Management

LAN

Local Area Network

Grid administrator

The administrator of the StorageGRID system

Grid

The StorageGRID system

Bucket

A container for objects stored in S3

LDAP

Lightweight Directory Access Protocol

SEC

Securities and Exchange Commission; regulates exchange members, brokers, or dealers

FINRA

Financial Industry Regulatory Authority; defers to the format and media requirements of SEC Rule 17a-4(f)

CFTC

Commodity Futures Trading Commissions; regulates commodity futures trading

NIST

National Institute of Standards and Technology