Hardware manual

ManualsBrandsDell ManualsComputer equipment6 series

4–1

4 Group security

Group security features enable you to control access to the group and the data it contains.

About group security

To access a group for management purposes, an administrator must meet several security conditions. See Table 4-1.

Table 4-1: Access Requirements for Group Administration

Security Condition Description

Network access The administrator’s computer must have access to the

group network address (group IP

address or dedicated management address).

Group administration access

enab

led in the

group

To use the GUI, the group must allow administrative access through the web.

To use the CLI, the group must allow administrati

ve access through telnet or SSH.

Valid group administration

account

To log in to the group, you must have a valid group administration account. Different

account types provide diff

erent privileges. The default account, grpadmin, provides all

privileges.

In addition to administration account security, Table 4-2 identifies other group security options.

Table 4-2: Group Security Options

Security Option Description

RADIUS authentication You can control access to a group and its volumes by using administration

accounts to log in

to the group. Using a RADIUS Authentication server enables you to centralize account

management.

SNMP Simple Network Management Protocol (SNMP) enables read-only

access to the group.

VDS/VSS access control Enables W

indows VDS and VSS access to the group. You mus

t create at least one VDS/VSS

access control record that matches the access control credentials you configure on the

computer by using Remote Setup Wizard or Auto-Snapshot Manager/Microsoft Edition.

Dedicated management network An advanced option enables you to configure

a dedi

cated management network, which

separates group management traffic from iSCSI traffic.

Accessing the GUI or CLI

By default, administrators can access the GUI remotely using a Web browser or a standalone Java application.

Administrators can also manage a group by using the command-line interface (CLI) across a telnet or SSH

connection.

You can disable CLI access, preventing any administrator from logging in to the group or from using CLI

commands.

Note: If you disable all me

thods

of access to the group, you must use a serial connection and the CLI to manage

the group or to re-enable access. See Using the CLI on page 3

-6 and your Hardware Maintenance manual

for information about serial connections.