topic Re: Security in HPE OneView

Security

Pavel_Majorov — Fri, 19 Apr 2019 10:57:03 GMT

Hello!

I looked at a lot of documents but didn't find any information about blocking a user when incorrect password is entered. Is there such a possibility?
is it possible to increase audit storage from 150MB to 20GB? or is it possible to collect reports only through PowerShell?
Is it possible to interrupt another user's session? in what release are you planning to introduce time out?

Re: Security

BhaskarV — Mon, 22 Apr 2019 07:48:00 GMT

I looked at a lot of documents but didn't find any information about blocking a user when incorrect password is entered. Is there such a possibility?

No - this functionality is not there for local users today, only for directory authenticated users. You will need to configure lockout on incorrect password in your Active Directory and the same policy will be honored by OneView.

is it possible to increase audit storage from 150MB to 20GB? or is it possible to collect reports only through PowerShell?

The audit storage is currently fixed and cannot be increased. Starting OneView release 4.20, forwarding the audit logs from OneView to a remote syslog server is available. You will then be able to forward audit logs and cumulate them at the remote syslog server so the size limit should not be a problem.

Is it possible to interrupt another user's session? in what release are you planning to introduce time out?

No this is not available today. Will pass on this information/ask to our product manager.

Regards,
Bhaskar

Re: Security

Pavel_Majorov — Mon, 22 Apr 2019 08:39:31 GMT

Thanks for the detailed description.

Re: Security

ChrisLynch — Mon, 29 Apr 2019 16:30:04 GMT

To answer your PowerShell question, yes. Get-HPOVAuditLog and Get-HPOVAuditLogArchive Cmdlets are available. The first one will get you individual audit log entries, including the ability to search. The second Cmdlet will download the ZIP containing the CSV.