No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

OceanStor 9000 V100R001C01 Security Maintenance 08

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
OceanStor 9000 Overview of System Security

OceanStor 9000 Overview of System Security

This section illustrates the OceanStor 9000 networking diagram and describes its security maintenance contents from four layers.

The security overview of OceanStor 9000 is presented from the following two perspectives:

OceanStor 9000 Networking

Figure 1-1 shows the network of OceanStor 9000.

Figure 1-1  Typical networking diagram

OceanStor 9000 Layered Security Protection Mechanism

There are four security layers in OceanStor 9000 and each layer provides different security solutions and security services.

  • Application layer

    Security solutions and security services at this layer include the authorization and authentication mechanism, ID authentication mechanism, password system, activity record mechanism.

  • System layer
    • Harden the Linux operating system to ensure the security of the applications running in it.
    • Secure Shell Protocol (SSH) and Secure File Transfer Protocol (SFTP) are used to prevent insecure network communications.
  • Network layer
    • Demarcate secure zones using subnet and firewall technologies to differentiate network communications and Access Control List (ACL).
    • Demarcate virtual local area networks (VLANs).
  • Management layer (recommended, actual deployments must be based on specific conditions.)
    • Use comprehensive and proper security policies, standards, operation regulations, guidance manuals, and patch management procedures to prevent system attacks.
    • Stress the management and control of system administrators, including the management of their responsibilities and their duties. The duties include developing and releasing security policies, standards, operation regulations, and guidance manuals, recruiting employees, training security awareness, monitoring system behaviors, and controlling change processes.
NOTE:
Technical support engineers must obtain users' authorization before maintain operation. Any unauthorized operation is forbidden.
Download
Updated: 2018-10-27

Document ID: EDOC1000042184

Views: 7589

Downloads: 177

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next