Security Resources

With the ever prevalent threats that span today’s landscape, NetApp continues to derive and provide security solutions across the portfolio. Links to security resources are found below. As always, stay tuned because just like the threat landscape, these resources are ever changing and being updated!

Products and Solutions

The product and solutions resources provide guidance, recommendations, and best practices with regard to security elements and configurations amongst the NetApp portfolio.

ONTAP

ONTAP 9 Security Datasheet - The ONTAP 9 Security Datasheet provides a comprehensive list of security features and functions available in ONTAP 9 - So if the question is, “what are all the security features/functions in ONTAP 9?”, This is your resource!

Security Hardening Guide for NetApp ONTAP 9 - We humbly refer to the Security Hardening Guide for NetApp ONTAP 9 as your key resource when it comes to answering the question, “how do I deploy ONTAP 9 in the most secure fashion?”. The hardening guide provides the recommended commands and configs necessary to enable ONTAP 9 in the most secure configuration.

ONTAP 9 Encryption Power Guide - When it comes to understanding the configuration and management details of NSE and NVE, including deployment, certificates, onboard key management and more, the Power Guide is the key resource!

ONTAP 9 Network Management Guide - While this guide provides vast elements surrounding ONTAP networking (IPv4, v6, IPSpaces, and more), it also captures some key security elements such as managing SVMs, protocol restrictions and firewall configuration in addition to control plane elements such as DNS, SNMP, FIPS configuration, and MTU details. The Network Management Guide also shows list of ports used in ONTAP, also listed in the hardening guide.

ONTAP 9 Manage administrator authentication and RBAC with the CLI - You can enable login accounts for ONTAP cluster administrators and storage virtual machine (SVM) administrators. You can also use role-based access control (RBAC) to define the capabilities of administrators.

NFS Kerberos in ONTAP - How to configure NFS Kerberos support in ONTAP for Active Directory and Red Hat Enterprise Linux (RHEL) clients.

How to configure LDAP in ONTAP Multiprotocol NAS identity management - Lightweight Directory Access Protocol (LDAP) configuration as a method for UNIX identity management and name mapping for multiprotocol NAS access in ONTAP.

DS-3898: NetApp Storage Encryption and NetApp Volume Encryption - When it comes to encryption at rest there are many questions about the capabilities. The NSE and NVE Datasheet seeks to quell such questions by providing a comprehensive understanding of what NSE is, what NVE is, use cases, and how they can be leveraged individually or together for a true dual/double encryption solution.

NetApp Storage Encryption Datasheet - The NSE Datasheet provides a holistic overview of the NSE solution and use cases. If you have ever wondered what NSE is, what we mean by self encrypting drives, or what encryption algorithm is in use, this is the resource for you!

NetApp Volume Encryption Datasheet - The NVE Datasheet provides a holistic overview of the NVE solution and use cases. If you have ever wondered what NVE is, or what encryption algorithm it uses, this is the resource for you!

ONTAP 9.x STIG - Ver 1, Rel 1 of the NetApp ONTAP DSC 9.x STIG has been posted to the Security Technical Implementation Guides (STIGs) Document Library.

Threats

Threat resources consist of guidance to address known threats through a combination of prevention, mitigation, and remediation.

Ransomware

The NetApp Solution for Ransomware - Ransomware wages war on every environment. Being the custodians of one of the world’s most valuable resources (data/information), it’s imperative that we protect it. When it comes to ransomware, this is your guide to addressing and remediating the threat.

NetApp and Varonis ransomware white paper - As a companion to the NetApp Solution for Ransomware, we have partnered with Varonis in addressing the advanced techniques around this threat. We have discussed and captured the solution in this joint white paper.

Integration and Solutions Guides

As we continue to tout the key elements of security including key management, we understand the challenges and value of timeliness as it applies to adoption and deployment. Due to such challenges we provide integration guides where we walk through the configuration/provisioning of “key” elements such as key managers, FPolicy, and other security laden integration solutions.

Key Management

NetApp ONTAP 9 External Key Management: Vormetric Key Management Integration Guide - The Vormetric integration guide for ONTAP 9 depicts how to provision the Vormetric (Thales) key manager for use with ONTAP 9.

FPolicy

Cloud Insights with Cloud Secure

FPolicy Solution Guide for Clustered Data ONTAP: Varonis DatAdvantage

FPolicy Solution Guide for Clustered Data ONTAP: Veritas Data Insight

Anti-Virus

Antivirus Solution Guide for McAfee

Antivirus Solution Guide for Sophos

Antivirus Solution Guide for Symantec

Antivirus Solution Guide for Trend Micro

Compliance

Compliance continues to evolve and shape the manner in which we address the organization’s of today and more importantly how we address securing the data. Remember Security does not equal Compliance, but security does in fact aid in addressing the challenge.

PCI DSS

ONTAP PCI DSS

Security Partners

Varonis