IBM TS3500 Manual page 75

Hide thumbs Also See for TS3500:

Product manual (8 pages)

Update manual (37 pages)

Introduction and planning manual (290 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

Table Of Contents

191

page of 191

/ 191
Contents
Table of Contents
Bookmarks

Table of Contents

This section describes remote support security for the TS3500 Tape Library through a

system console when using the Tape Library Specialist Web interface.

The TS3500 Tape Library Tape Library Specialist Web interface does not allow any access to

customer data, and it does not allow FTP or TELNET type operations. It only provides those

functions that are specifically coded in the library firmware. The only files it can offload are

library logs, drive logs, a backup of the nonvolatile random access memory (NVRAM)

configuration information for the library, and certain usage and error statistics files. It

cannot be used to read or write a customer cartridge or otherwise access customer data.

The Tape Library Specialist Web interface allows the customer to set up an administrator

password, and no one without the password can use the Tape Library Specialist Web

interface to do anything to the library. The Tape Library Specialist Web interface also

provides several levels of access through roles, and these roles have lower levels of access

than the administrator. In addition, when password protection is enabled, the Tape Library

Specialist Web interface also provides an option to authenticate through the Storage

Authentication Service (SAS). For more information, go to

Security concerns when using the Tape Library Specialist Web interface are similar to those

of using the operator panel. For example:

•

A specialist user could move a cartridge from one location to another within the

library, potentially confusing a host application or making a cartridge unavailable by

moving it to a different partition.

•

A user could re-configure the library, possibly causing problems at the hosts because

of changes in partitioning or device IDs.

•

A remote user could update library or drive code. However, since the library and

drives ignore any code they do not recognize, the only exposure is to loading down

level code.

These security concerns can be addressed by utilizing the password, user role, and

authentication features provided by the Tape Library Specialist Web interface and also by

enabling SNMP audit logging. When SNMP audit logging is enabled, the library sends

notifications when certain events occur in the library. For more information, refer to

audit

logging.

Parent topic:

Remote support security

Security considerations for the IBM TS3500 Tape Library RS/232

Port

This section describes security information for the IBM TS3500 Tape Library RS/232 Port

through the debug/CETool interface.

Web

security.

SNMP

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

IBM TS3500 Manual page 75

Hide quick links:

Related Manuals for IBM TS3500

Related Products for IBM TS3500

Table of Contents