TNS NetApp Data ONTAP 7G

Audit Details

Name: TNS NetApp Data ONTAP 7G

Updated: 12/22/2023

Authority: TNS

Plugin: NetApp

Revision: 1.29

Estimated Item Count: 151

File Details

Filename: NetApp_Data_ONTAP_Best_Practices.audit

Size: 189 kB

MD5: c1c462d8360793cb4cd61942fb5a5a1a
SHA256: a2af601f571972954c8ab72f727a6af1e6fc9eef7b948276d43b84ec3e44f396

Audit Items

DescriptionCategories
2.0 Install & Config - 'Disable FilerView HTTP'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable FTP'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable FTPS'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable NDMP'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable RIPv1'
2.0 Install & Config - 'Disable RSH'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable SFTP'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable SNMPv1'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable SNMPv3'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable SSHv1'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable SSLv2'

SYSTEM AND COMMUNICATIONS PROTECTION

2.0 Install & Config - 'Disable Telnet'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable TFTP'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Disable WebDav'

CONFIGURATION MANAGEMENT

2.0 Install & Config - 'Enable FilerView HTTPS'

SYSTEM AND COMMUNICATIONS PROTECTION

2.0 Install & Config - 'Enable SSH'

ACCESS CONTROL

2.0 Install & Config - 'Enable SSHv2'

ACCESS CONTROL

2.0 Install & Config - 'Enable SSL'

SYSTEM AND COMMUNICATIONS PROTECTION

2.0 Install & Config - 'Enable SSLv3'

SYSTEM AND COMMUNICATIONS PROTECTION

2.0 Install & Config - 'Enable TLSv1'

SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Enable Secure Admin Access - 'autologout.telnet.enable = on'

ACCESS CONTROL

2.1 Enable Secure Admin Access - 'autologout.telnet.timeout <= 5'

ACCESS CONTROL

2.1 Enable Secure Admin Access - 'httpd.timeout <= 300'

ACCESS CONTROL

2.1 Enable Secure Admin Access - 'ssh.access has been configured'

SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Enable Secure Admin Access - 'ssh.access is not unlimited'
2.1 Enable Secure Admin Access - 'ssh.idle.timeout <= 60'

ACCESS CONTROL

2.1 Enable Secure Admin Access - 'ssh.passwd_auth.enable = on'

IDENTIFICATION AND AUTHENTICATION

2.1 Enable Secure Admin Access - 'ssh.port = 22'

CONFIGURATION MANAGEMENT

2.1 Enable Secure Admin Access - 'ssh.pubkey_auth.enable = on'

CONFIGURATION MANAGEMENT

2.1 Enable Secure Admin Access - 'telnet.distinct.enable = on'

ACCESS CONTROL

2.2 Disable/Modify Default Accts - 'alternate admin account has been created (root)'
2.2 Disable/Modify Default Accts - 'alternate admin account has been created (snmp)'
2.2 Disable/Modify Default Accts - 'ndmp/ndmpcopy service account'
2.2 Disable/Modify Default Accts - 'security.passwd.rootaccess.enable = off'

ACCESS CONTROL

2.2 Disable/Modify Default Accts - 'SNMP default community strings have been removed'
2.3 Disable Unnecessary Services - 'rsh.access != legacy'

CONFIGURATION MANAGEMENT

2.3 Disable Unnecessary Services - 'telnet.access != legacy'

CONFIGURATION MANAGEMENT

2.4 Password Security - 'maximum password age <= 90'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'minimum password age >= 1'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.firstlogin.enable = on'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.lockout.numtries = 6'

ACCESS CONTROL

2.4 Password Security - 'security.passwd.rules.everyone = on'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.history = 6'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.maximum >= 14'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.minimum >= 8'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.minimum.alphabetic = 2'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.minimum.digit = 1'

IDENTIFICATION AND AUTHENTICATION

2.4 Password Security - 'security.passwd.rules.minimum.symbol = 1'

IDENTIFICATION AND AUTHENTICATION

2.5 Autologout - 'autologout.console.enable = on'

ACCESS CONTROL

2.5 Autologout - 'autologout.console.timeout <= 5'

ACCESS CONTROL