Preparation for Scanning HPE Alletra MP storage systems
StorageGuard collects configuration data from Alletra MP systems by running read-only APIs directly on the storage system.
The following table lists the requirements for scanning Alletra MP systems:
| # | Description |
| 1 | Provide the network name or IP address of the HPE storage system. |
| 2 | Provide a storage system user account profile (existing or specifically created for StorageGuard) with a read-only privilege. Examples for API endpoints used:
|
| 3 | Verify that IP connectivity through HTTPS (default is port 443) is available between the StorageGuard collector server and each storage system. |
Creating a User Account for Scanning HPE Alletra MP storage systems
The following suggested method can be used to create a user account named sguard with the appropriate privileges:
createuser -c {password} sguard {domainname} service
The service role is required to run the controlencryption status and controlsecurity fips status read-only commands, which are essential for security hardening checks. While the browse role can be used, it won't support all checks and is therefore not recommended.
Comments
0 comments
Please sign in to leave a comment.