A.1 Security Features

The following table contains a summary of the security features of NetStorage:

Table A-1 NetStorage Security Features

Feature

Yes/No

Details

Users are authenticated

Yes

Administrative users are authenticated via eDirectory.

Users are authorized

Yes

Users are authorized via eDirectory trustees.

Access to configuration information is controlled

Yes

Access to the administrative interface is restricted to valid users that have Write rights to the configuration files.

Roles are used to control access

Yes

Configurable through iManager.

Logging and/or security auditing is done

Yes

Syslog is used on Linux servers. XTier has its own login mechanism on all platforms. XTlog is also used.

Data on the wire is encrypted by default

Yes

Data is encrypted on the wire if SSL is used.

If SSL is not used, NetIdentity can be used to provide secure authentication.

Stored data is encrypted

No

Passwords, keys, and any other authentication materials are stored encrypted

Yes

Usernames and passwords are encrypted. NetStorage configuration is encrypted in eDirectory.

Security is on by default

Yes

This is a Web server setting, and can be turned on or off at the Web server.