- Community Home
- >
- Storage
- >
- Midrange and Enterprise Storage
- >
- HPE EVA Storage
- >
- Re: ACU Security?
HPE EVA Storage
1752353
Members
6130
Online
108787
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-19-2007 06:59 AM
тАО07-19-2007 06:59 AM
ACU Security?
Hello,
We have couple MSA1000s that we share out to clients that need additional space. By default we remove the ACU from their login profile but it does not prevent them from going to our profile (they are local admins of their server) or reinstall the ACU. I was thinking of just uninstalling the utility but it does not prevent them from installing and accessing the SAN. Is there a good way to prevent access to the SAN so they can not view or make any changes? I am surprised there is no sort of login to prevent unauthorized changes.
We have couple MSA1000s that we share out to clients that need additional space. By default we remove the ACU from their login profile but it does not prevent them from going to our profile (they are local admins of their server) or reinstall the ACU. I was thinking of just uninstalling the utility but it does not prevent them from installing and accessing the SAN. Is there a good way to prevent access to the SAN so they can not view or make any changes? I am surprised there is no sort of login to prevent unauthorized changes.
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-25-2007 09:31 PM
тАО07-25-2007 09:31 PM
Re: ACU Security?
Hello Wichard,
I guess you have to prevent the users to access SAN, rt? You can disable the ports thats not required for your setup.
For additional security change the password by login to switch as well.
Regards,
Ranjith
I guess you have to prevent the users to access SAN, rt? You can disable the ports thats not required for your setup.
For additional security change the password by login to switch as well.
Regards,
Ranjith
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-17-2009 08:59 PM
тАО01-17-2009 08:59 PM
Re: ACU Security?
Hi
I have the same problem.
I want to prevent access to MSA1500cs via ACU,
but ACU does not have any Login to prevent unauthorized access.
Any Help?
I have the same problem.
I want to prevent access to MSA1500cs via ACU,
but ACU does not have any Login to prevent unauthorized access.
Any Help?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-22-2010 07:57 PM
тАО03-22-2010 07:57 PM
Re: ACU Security?
Sorry to revive such an old thread but I just wanted to post my solution to this problem.
I've used ACLs to permit access to specific LUNS but I still needed a way to restrict the viewing of all my physical arrays via the HP ACU. My customers were local admins of the box and would have the ability to see all physical arrays via the ACU on my MSA regardless of using ACLs or SSP.
It seems to me the fix would be to uninstall the ACU or to use Windows software restriction policies.
I opted to deny access to the HP ACU executable via hash rules under my Windows 2008 server local group plicies and it worked great.
This obviously isn't a perfect solution because the hash rule only works for the installed version of the ACU. If the customer were to un-install/re-install with a older/newer version of the ACU, the policy would no longer work.
I guess taking it a step further would require a policy that would prevent the un-installation of the ACU for a specific local admin user.
I've used ACLs to permit access to specific LUNS but I still needed a way to restrict the viewing of all my physical arrays via the HP ACU. My customers were local admins of the box and would have the ability to see all physical arrays via the ACU on my MSA regardless of using ACLs or SSP.
It seems to me the fix would be to uninstall the ACU or to use Windows software restriction policies.
I opted to deny access to the HP ACU executable via hash rules under my Windows 2008 server local group plicies and it worked great.
This obviously isn't a perfect solution because the hash rule only works for the installed version of the ACU. If the customer were to un-install/re-install with a older/newer version of the ACU, the policy would no longer work.
I guess taking it a step further would require a policy that would prevent the un-installation of the ACU for a specific local admin user.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP