TNS NetApp Data ONTAP 7G

Audit Details

Name: TNS NetApp Data ONTAP 7G

Updated: 4/25/2022

Authority: TNS

Plugin: NetApp

Revision: 1.26

Estimated Item Count: 151

File Details

Filename: NetApp_Data_ONTAP_Best_Practices.audit

Size: 182 kB

MD5: fe9202e92ee34f64b218e76ff5910e6c
SHA256: e1020bbaa32f60eab9b1e5803834ab8b73705ed820ecac4370e09712fe9f749a

Audit Items

DescriptionCategories
2.0 Install & Config - 'Disable FilerView HTTP'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable FTP'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable FTPS'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable NDMP'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable RIPv1'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable RSH'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable SFTP'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable SNMPv1'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable SNMPv3'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable SSHv1'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable SSLv2'

SYSTEM AND COMMUNICATIONS PROTECTION

2.0 Install & Config - 'Disable Telnet'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable TFTP'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable WebDav'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Enable FilerView HTTPS'

SYSTEM AND COMMUNICATIONS PROTECTION

2.0 Install & Config - 'Enable SSH'

ACCESS CONTROL

2.0 Install & Config - 'Enable SSHv2'

ACCESS CONTROL

2.0 Install & Config - 'Enable SSL'

SYSTEM AND COMMUNICATIONS PROTECTION

2.0 Install & Config - 'Enable SSLv3'

SYSTEM AND COMMUNICATIONS PROTECTION

2.0 Install & Config - 'Enable TLSv1'

SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Enable Secure Admin Access - 'autologout.telnet.enable = on'

ACCESS CONTROL

2.1 Enable Secure Admin Access - 'autologout.telnet.timeout <= 5'

ACCESS CONTROL

2.1 Enable Secure Admin Access - 'httpd.timeout <= 300'

ACCESS CONTROL

2.1 Enable Secure Admin Access - 'ssh.access has been configured'

SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Enable Secure Admin Access - 'ssh.access is not unlimited'

SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Enable Secure Admin Access - 'ssh.idle.timeout <= 60'

ACCESS CONTROL

2.1 Enable Secure Admin Access - 'ssh.passwd_auth.enable = on'

IDENTIFICATION AND AUTHENTICATION

2.1 Enable Secure Admin Access - 'ssh.port = 22'

CONFIGURATION MANAGEMENT

2.1 Enable Secure Admin Access - 'ssh.pubkey_auth.enable = on'

CONFIGURATION MANAGEMENT

2.1 Enable Secure Admin Access - 'telnet.distinct.enable = on'

ACCESS CONTROL

2.2 Disable/Modify Default Accts - 'alternate admin account has been created (root)'

ACCESS CONTROL

2.2 Disable/Modify Default Accts - 'alternate admin account has been created (snmp)'

ACCESS CONTROL

2.2 Disable/Modify Default Accts - 'ndmp/ndmpcopy service account'

ACCESS CONTROL

2.2 Disable/Modify Default Accts - 'security.passwd.rootaccess.enable = off'

ACCESS CONTROL

2.2 Disable/Modify Default Accts - 'SNMP default community strings have been removed'

ACCESS CONTROL

2.3 Disable Unnecessary Services - 'rsh.access != legacy'

CONFIGURATION MANAGEMENT

2.3 Disable Unnecessary Services - 'telnet.access != legacy'

CONFIGURATION MANAGEMENT

2.4 Password Security - 'maximum password age <= 90'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'minimum password age >= 1'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.firstlogin.enable = on'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.lockout.numtries = 6'

ACCESS CONTROL

2.4 Password Security - 'security.passwd.rules.everyone = on'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.history = 6'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.maximum >= 14'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.minimum >= 8'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.minimum.alphabetic = 2'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.minimum.digit = 1'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.minimum.symbol = 1'

IDENTIFICATION AND AUTHENTICATION

2.5 Autologout - 'autologout.console.enable = on'

ACCESS CONTROL

2.5 Autologout - 'autologout.console.timeout <= 5'

ACCESS CONTROL