Security Resources

With the ever prevalent threats that span today’s landscape, NetApp continues to derive and provide security solutions across the portfolio. Links to security resources are found below. As always, stay tuned because just like the threat landscape, these resources are ever changing and being updated!

Products and Solutions

The product and solutions resources provide guidance, recommendations, and best practices with regard to security elements and configurations amongst the NetApp portfolio.

ONTAP

ONTAP 9 Security Datasheet - The ONTAP 9 Security Datasheet provides a comprehensive list of security features and functions available in ONTAP 9 - So if the question is, “what are all the security features/functions in ONTAP 9?”, This is your resource!

Security Hardening Guide for NetApp ONTAP 9 - We humbly refer to to the Security Hardening Guide for NetApp ONTAP 9 as your key resource when it comes to answering the question, “how do I deploy ONTAP 9 in the most secure fashion?”. The hardening guide provides the recommended commands and configs necessary to enable ONTAP 9 in the most secure configuration.

ONTAP 9 Encryption Power Guide - When it comes to understanding the configuration and management details of NSE and NVE, including deployment, certificates, onboard key management and more, the Power Guide is the key resource!

ONTAP 9 Network Management Guide - While this guide provides vast elements surrounding ONTAP networking (IPv4, v6, IPSpaces, and more), it also captures some key security elements such as managing SVMs, protocol restrictions and firewall configuration in addition to control plane elements such as DNS, SNMP, FIPS configuration, and MTU details. The Network Management Guide also shows list of ports used in ONTAP, also listed in the hardening guide.

ONTAP 9 Administrator Authentication and RBAC Power Guide - You’ve heard us tout Role Based Access Control (RBAC) and it’s importance countless times. This guide provides the details on how to enable login accounts for ONTAP cluster administrators and Storage Virtual Machine (SVM) administrators while defining their capabilities, hence leveraging the recommended best practice that is RBAC!

ONTAP - Secure Unified Authentication - Curious as to the most secure manner in which to deploy NFS with LDAP? Ever heard of Kerberos? Well here is your guide to integrating NetApp storage systems with Kerberos version 5 using secure NFS storage authentication.

DS-3898: NetApp Storage Encryption and NetApp Volume Encryption - When it comes to encryption at rest there are many questions about the capabilities. The NSE and NVE Datasheet seeks to quell such questions by providing a comprehensive understanding of what NSE is, what NVE is, use cases, and how they can be leveraged individually or together for a true dual/double encryption solution.

NetApp Storage Encryption Datasheet - The NSE Datasheet provides a holistic overview of the NSE solution and use cases. If you have ever wondered what NSE is, what we mean by self encrypting drives, or what encryption algorithm is in use, this is the resource for you!

NetApp Volume Encryption Datasheet - The NVE Datasheet provides a holistic overview of the NVE solution and use cases. If you have ever wondered what NVE is, or what encryption algorithm it uses, this is the resource for you!

AltaVault

NetApp AltaVault Cloud-Integrated Storage Appliances - Security Overview - While the title may be a bit “obscure”, make no mistake this is the AltaVault Hardening Guide! When the question arises, “how do I deploy AltaVault in the most secure manner”, this guide is your answer!

Threats

Threat resources consist of guidance to address known threats through a combination of prevention, mitigation, and remediation.

Ransomware

The NetApp Solution for Ransomware - Ransomware wages war on every environment. Being the custodians of one of the world’s most valuable resources (data/information), it’s imperative that we protect it. When it comes to ransomware, this if your guide to addressing and remediating the threat.

NetApp and Varonis ransomware white paper - As a companion to the NetApp Solution for Ransomware, we have partnered with Varonis in addressing the advanced techniques around this threat. We have discussed and captured the solution in this joint white paper.

Integration and Solutions Guides

As we continue to tout the key elements of security including key management, we understand the challenges and value of timeliness as it applies to adoption and deployment. Due to such challenges we provide integration guides where we walk through the configuration/provisioning of “key” elements such as key managers, FPolicy, and other security laden integration solutions.

Key Management

NetApp ONTAP 9 External Key Management: Vormetric Key Management Integration Guide - The Vormetric integration guide for ONTAP 9 depicts how to provision the Vormetric (Thales) key manager for use with ONTAP 9.

FPolicy

FPolicy Solution Guide for Clustered Data ONTAP: Varonis DatAdvantage

FPolicy Solution Guide for Clustered Data ONTAP: Veritas Data Insight

Anti-Virus

Antivirus Solution Guide for McAfee

Antivirus Solution Guide for Sophos

Antivirus Solution Guide for Symantec

Antivirus Solution Guide for Trend Micro

Compliance

Compliance continues to evolve and shape the manner in which we address the organization’s of today and more importantly how we address securing the data. Remember Security does not equal Compliance, but security does in fact aid in addressing the challenge.

PCI DSS

ONTAP PCI DSS

Security Partners

Varonis