Page 1
StorageTek Security Guide for SL500, SL3000, and SL8500 E23535-02 October 2013...
Page 2
Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.
Contents Preface ................................. v Audience............................... Documentation Accessibility ........................1 Overview Product Overview............................. 1-1 Security............................... 1-2 General Security Principles........................1-2 Keep Software Up To Date ....................... 1-2 Restrict Network Access ........................1-2 Keep Up To Date on Latest Security Information ................. 1-2 2 Secure Installation Understand Your Environment ......................
Preface This document describes the security features of Oracle’s StorageTek SL500, SL3000, and SL8500 libraries. Audience This guide is intended for anyone involved with using security features and secure installation and configuration of StorageTek SL500, SL3000, and SL8500. Documentation Accessibility...
Product Overview SL500 SL500 is a 40U 19" rack mounted modular automated tape library by Oracle Corporation. It offers storage capacity of 30 to 500 LTO or SDLT tape cartridges, from 1 to 18 LTO or SDLT SCSI LVD, Fibre, or SAS tape drives, with either a separate SCSI LVD or Fibre Library control path, or a bridged drive Fibre or SAS port control path.
Keep Up To Date on Latest Security Information Oracle continually improves its software and documentation. Check this document every release for revisions. 1-2 StorageTek Security Guide for SL500, SL3000, and SL8500...
Secure Installation This section outlines the planning and implementation process for a secure installation and configuration, describes several recommended deployment topologies for the systems, and explains how to secure a tape library. Understand Your Environment To better understand security needs, the following questions must be asked: Which resources need to be protected? Many resources in the production environment can be protected.
Security Features This section outlines the specific security mechanisms offered by the product. The library provides an internal firewall to protect itself. This should not be the only line of security to protect the library. Ideally, the library should be in a physically secured data center that also has a secured network that only allows access from the servers utilizing its functionality.
Page 12
3-2 StorageTek Security Guide for SL500, SL3000, and SL8500...
The firewall must not be compromised. System access should be monitored. Network IP addresses should be checked. Contact your Oracle Services, Oracle Tape Library Engineering, or account representative to report suspected vulnerabilities in Oracle tape libraries. Secure Deployment Checklist A-1...
Page 14
A-2 StorageTek Security Guide for SL500, SL3000, and SL8500...
Page 15
References SL500 User Guide ■ SL3000 User Guide ■ SL8500 User Guide ■ References B-1...
Page 16
B-2 StorageTek Security Guide for SL500, SL3000, and SL8500...