Dell EMC System Update version 1.9.2.0 Security Configuration Guide July 2021 Rev.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2021 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries.
Contents Figures..........................................................................................................................................4 Tables........................................................................................................................................... 5 Chapter 1: PREFACE..................................................................................................................... 6 Terms used in this document...........................................
Figures 1 4 Figures Security Controls Map..............................................................................................................................................
Tables 1 Revision History..........................................................................................................................................................6 2 Terms used in this document.................................................................................................................................. 7 3 Outbound ports....................................................................................................................................................
1 PREFACE As part of an effort to improve its product lines, Dell EMC periodically releases revisions of its software and hardware. Some functions that are described in this document might not be supported by all versions of the software or hardware currently in use. The product release notes provide the most up-to-date information about product features. Contact your Dell EMC technical support professional if a product does not function properly or does not function as described in this document.
Document References In addition to this guide, you can access the other guides available at dell.com/support . Since DSU supports an Update to the Server through iDRAC, see Integrated Dell Remote Access Controller User's Guide for any configuration-related queries. For the information about supported PowerEdge Servers, see Dell EMC Systems Management - OpenManage Software Support Matrix.
2 Deployment models You can deploy Dell EMC System Update on Microsoft Windows Server or Linux operating system through Dell Update Package (DUP) on supported Dell EMC PowerEdge servers. Dell EMC System Update supports online or offline method to deploy on the selected operating system through Dell Update Package. For more information on the deployment of Dell System Update, see Dell EMC System Update User's Guide at dell.
3 Product and Subsystem Security Topics: • • • • • • • • • Security controls map Authentication Login security settings User and credential management Network security Data security Auditing and logging Serviceability Product code integrity Security controls map Dell EMC System Update is a script optimized update deployment tool that is used to apply Dell EMC updates such as applications, firmware, and drivers for Linux and Microsoft Windows operating systems.
Login security settings Failed login behavior DellEMC System Update (DSU) populate failed login message on console for wrong credential. For more information about failed login behavior of DSU, see the Dell EMC System Update User's Guide at dell.com/support Remote connection security Dell EMC System Update uses open source library for remote connection using SSH and WMI and it does not log the credentials mentioned for connections.
Table 3. Outbound ports (continued) Port number Layer 4 Protocol Service 448 TCP Data Protection Search Admin REST API 464 TCP, UDP Kerberos 514 TCP, UDP rsh 587 TCP SMTP 636 TCP, UDP LDAPS 902 TCP VMware ESXi 2049 TCP, UDP NFS 2052 TCP, UDP mountd, clearvisn 3009 TCP Data Domain REST API Inbound ports The inbound ports that are available to be used by a remote system when connecting to Dell System Update remote.
Product code integrity The Dell EMC System Update software installer is signed by Dell. It is recommended that you verify the authenticity of the Dell EMC System Update installer signature.
4 Miscellaneous Configuration and Management Topics: • • • Dell EMC System Update licensing Protect authenticity and integrity Manage backup and restore in Dell EMC System Update Dell EMC System Update licensing DSU has open source approvals for the internal dependencies and gets installed with the application on the box. It can also be find at opensource.dell.com/releases/DSU/ For more information about licensing of Dell EMC System Update, see the Dell EMC System Update User's Guide available at dell.
