NOTE: As of version 9.4 (TLS 1.3), the manageaccess
command to
enforce TLS security is no longer supported.
About this task
For NIST SP 800-131A security conformance, web
browsers that are used to access the DS8000
Storage Management GUI and DS Service
GUI must be enabled
to support Transport Layer Security (TLS) and must have access to a NIST SP 800-131A compliant
cryptographic library.
Procedure
- Upgrade web browsers to a version that supports TLS on all systems that access the DS8000
Storage Management GUI and the DS Service
GUI.
For information about supported web browsers, see web browser support.
- Configure all web browsers to enable TLS refer to your web browser documentation for
instructions on enabling TLS.
For example, in Internet Explorer, use the following steps:
- Click
- On the Advanced tab, under Settings, select
Use TLS.
Attention: Ensure that all external web browsers that access the DS8000
Storage Management GUI are configured
for TLS before you continue with the next step. Otherwise, connection to the DS8000
Storage Management GUI will be lost.
- In the DS CLI, use the
manageaccess command to enforce TLS security for web browser access to the DS8000
Storage Management GUI.
dscli> manageaccess -ctrl gui -action setsecurity -level 800131a
For
more information, see the
manageaccess command.
- In the DS CLI, use the
manageaccess command to enforce TLS security for web browser access to the
DS Service
GUI.
dscli> manageaccess -ctrl wui -action setsecurity -level 800131a
You
must restart the server for this change to take effect. For more information, see the
manageaccess command.