API Guide

Chapter 1: OS10 security best practices
On first boot
Password rules
Federal Information Processing Standards (FIPS)
Enable and configure secure boot
Users, roles, and privilege levels
Port security
Management plane
  Role-based access control
  Access rules
  Banner rules
  SNMP rules
Control plane
  System clock rules
  Logging rules
  NTP rules
  Loopback rules
Data plane rules
Neighbor authentication
X.509v3 certificates
  Generate a certificate signing request and private key
  Generate a self-signed certificate
  Certificate revocation
  Configure security profiles
  Smart card authentication for SSH
  Generate and install a new security certificate on OS10 10.4.3.0 and later releases for full switch mode
Contents