No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


FusionStorage V100R006C30 Block Storage Service Disaster Recovery Feature Guide 03

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Security Configuration

Security Configuration

Network Plane Isolation

FusionStorage has the following four network planes: management plane, storage plane, replication plane, and arbitration plane (this plane is required only for HyperMetro). Network planes can be isolated from each other using virtual local area networks (VLANs) to enhance system security.
  • Management plane: used for the system management and maintenance.
  • Storage plane: used for service data communication between all nodes in the storage system.
  • Replication plane: used for data synchronization between DR nodes among sites.
  • Arbitration plane: used for the communication between quorum servers and sites. The arbitration plane is required only for HyperMetro.

To prevent unauthorized users from attacking the management, storage, replication, and arbitration planes through the service plane on the server, configure a firewall on the server after installing the software.

For example, configure network isolation for the management, storage, replication, and arbitration planes on the server to ensure that the logical network ports can be accessed from only the related services. In addition, disable the services on the management, storage, replication, and arbitration planes from accessing logical network ports of the other service planes.

For details about the listening port used by each FusionStorage Agent (FSA) node, see FusionStorage Block Storage Service Communication Matrix.

Ensure that the management, storage, replication, and arbitration planes are isolated from each other. If they are not isolated from each other, the storage and replication planes are prone to external attacks, and the reliability of the storage services and disaster recovery service will be affected.

Updated: 2019-01-17

Document ID: EDOC1100044928

Views: 17475

Downloads: 34

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next