Securing the IBM Spectrum Scale system using firewall

The IBM Spectrum Scale™ system is an open system where the customer can interact with the system through other third-party interfaces like MMC, web applications, and so on. The customer also has root access to the system just like any Linux server administrator. Firewalls that are associated with open systems are specific to deployments, operating systems, and it varies from customer to customer. It is the responsibility of the system administrator or Lab Service (LBS) to set the firewall accordingly; similar to what Linux distributions do today. This section provides recommendations to set up a firewall to secure the IBM Spectrum Scale protocol nodes.

Table 1. Firewall related information
Function Firewall recommendations and considerations
IBM Spectrum Scale installation Firewall recommendations for the IBM Spectrum Scale installation
Internal communication

Firewall recommendations for internal communication among nodes

For detailed information on port usage, see IBM Spectrum Scale port usage.
Protocol access (NFS, SMB, and Object) Firewall recommendations for protocol access
IBM Spectrum Scale GUI Firewall recommendations for IBM Spectrum Scale GUI
File encryption with IBM® Security Key Lifecycle Manager (SKLM) Firewall recommendations for IBM SKLM
File encryption with Vormetric Data Security Manager (DSM) Firewall recommendations for Vormetric DSM
REST API Firewall recommendations for the REST API
Performance monitoring Firewall recommendations for Performance Monitoring tool
Active File Management (AFM) Firewall considerations for Active File Management (AFM)
Transparent cloud tiering Firewall recommendations for Cloud services
Remotely mounted file systems Firewall considerations for remote mounting of file systems
IBM Spectrum Protect™ with IBM Spectrum Scale Firewall recommendations for using IBM Spectrum Protect with IBM Spectrum Scale
Start of changeIBM Spectrum Archive™ with IBM Spectrum ScaleEnd of change Start of changeFirewall considerations for using IBM Spectrum Archive with IBM Spectrum ScaleEnd of change
File audit logging Firewall recommendations for file audit logging
Examples of opening firewall ports